From 0a053569968cfcd323d336af2421122153043ed8 Mon Sep 17 00:00:00 2001 From: Adam Jackson Date: Jun 16 2015 16:45:00 +0000 Subject: xserver 1.17.2 --- diff --git a/0001-glamor-don-t-do-render-ops-with-matching-source-dest.patch b/0001-glamor-don-t-do-render-ops-with-matching-source-dest.patch deleted file mode 100644 index d2279cf..0000000 --- a/0001-glamor-don-t-do-render-ops-with-matching-source-dest.patch +++ /dev/null @@ -1,71 +0,0 @@ -From dd94c65ecc8b36617566df7db5b5ec2378ea96d8 Mon Sep 17 00:00:00 2001 -From: Dave Airlie -Date: Thu, 28 May 2015 05:30:01 +0000 -Subject: [PATCH] glamor: don't do render ops with matching source/dest (v2) - -XRender defines this, GL really doesn't like it. - -kwin 4.x and qt 4.x seem to make this happen for the -gradient in the titlebar, and on radeonsi/r600 hw -this draws all kinds of wrong. - -v2: bump this up a level, and check it earlier. -(I assume the XXXX was for this case.) - -Signed-off-by: Dave Airlie ---- - glamor/glamor_largepixmap.c | 9 +++++++++ - glamor/glamor_render.c | 10 +++++++++- - 2 files changed, 18 insertions(+), 1 deletion(-) - -diff --git a/glamor/glamor_largepixmap.c b/glamor/glamor_largepixmap.c -index 9b24584..b9c3b9a 100644 ---- a/glamor/glamor_largepixmap.c -+++ b/glamor/glamor_largepixmap.c -@@ -1046,6 +1046,15 @@ glamor_composite_largepixmap_region(CARD8 op, - int source_repeat_type = 0, mask_repeat_type = 0; - int ok = TRUE; - -+ if (source_pixmap_priv == dest_pixmap_priv) { -+ glamor_fallback("source and dest pixmaps are the same\n"); -+ return FALSE; -+ } -+ if (mask_pixmap_priv == dest_pixmap_priv) { -+ glamor_fallback("mask and dest pixmaps are the same\n"); -+ return FALSE; -+ } -+ - if (source->repeat) - source_repeat_type = source->repeatType; - else -diff --git a/glamor/glamor_render.c b/glamor/glamor_render.c -index 2386f2e..d9b16ea 100644 ---- a/glamor/glamor_render.c -+++ b/glamor/glamor_render.c -@@ -1400,6 +1400,7 @@ glamor_composite_clipped_region(CARD8 op, - { - ScreenPtr screen = dest->pDrawable->pScreen; - PixmapPtr source_pixmap = NULL, mask_pixmap = NULL; -+ PixmapPtr dest_pixmap = glamor_get_drawable_pixmap(dest->pDrawable); - PicturePtr temp_src = source, temp_mask = mask; - glamor_pixmap_private *temp_src_priv = source_pixmap_priv; - glamor_pixmap_private *temp_mask_priv = mask_pixmap_priv; -@@ -1502,7 +1503,14 @@ glamor_composite_clipped_region(CARD8 op, - } - } - -- /*XXXXX, self copy? */ -+ if (source_pixmap == dest_pixmap) { -+ glamor_fallback("source and dest pixmaps are the same\n"); -+ goto out; -+ } -+ if (mask_pixmap == dest_pixmap) { -+ glamor_fallback("mask and dest pixmaps are the same\n"); -+ goto out; -+ } - - x_dest += dest->pDrawable->x; - y_dest += dest->pDrawable->y; --- -1.8.3.1 - diff --git a/0001-include-Fix-endianness-setup.patch b/0001-include-Fix-endianness-setup.patch deleted file mode 100644 index 1d9a542..0000000 --- a/0001-include-Fix-endianness-setup.patch +++ /dev/null @@ -1,39 +0,0 @@ -From 1f679da30a33f3ddad14bc6b2be0795160ae12b8 Mon Sep 17 00:00:00 2001 -From: Adam Jackson -Date: Thu, 9 Apr 2015 10:19:13 -0400 -Subject: [PATCH] include: Fix endianness setup - -Need to make sure X_{BIG,LITTLE}_ENDIAN actually get defined - -Signed-off-by: Adam Jackson ---- - include/dix-config.h.in | 1 + - include/xorg-server.h.in | 1 + - 2 files changed, 2 insertions(+) - -diff --git a/include/dix-config.h.in b/include/dix-config.h.in -index 1aa77a5..5e53c00 100644 ---- a/include/dix-config.h.in -+++ b/include/dix-config.h.in -@@ -499,6 +499,7 @@ - - /* byte order */ - #undef X_BYTE_ORDER -+#include - - /* Listen on TCP socket */ - #undef LISTEN_TCP -diff --git a/include/xorg-server.h.in b/include/xorg-server.h.in -index 4cb9487..de6462a 100644 ---- a/include/xorg-server.h.in -+++ b/include/xorg-server.h.in -@@ -233,5 +233,6 @@ - - /* byte order */ - #undef X_BYTE_ORDER -+#include - - #endif /* _XORG_SERVER_H_ */ --- -2.1.0 - diff --git a/0001-int10-Fix-mapping-the-interrupt-vector.patch b/0001-int10-Fix-mapping-the-interrupt-vector.patch deleted file mode 100644 index b3fa99f..0000000 --- a/0001-int10-Fix-mapping-the-interrupt-vector.patch +++ /dev/null @@ -1,29 +0,0 @@ -From 2f3267bc017a420854dc98aac1526fb8f11b1874 Mon Sep 17 00:00:00 2001 -From: Adam Jackson -Date: Wed, 4 Mar 2015 12:44:39 -0500 -Subject: [PATCH] int10: Fix mapping the interrupt vector - -pci_device_map_legacy returns 0 on success, and an errno value on -failure. It works a lot better if we don't treat 0 as failure. - -Signed-off-by: Adam Jackson ---- - hw/xfree86/int10/generic.c | 2 +- - 1 file changed, 1 insertion(+), 1 deletion(-) - -diff --git a/hw/xfree86/int10/generic.c b/hw/xfree86/int10/generic.c -index 012d194..8d5c4da 100644 ---- a/hw/xfree86/int10/generic.c -+++ b/hw/xfree86/int10/generic.c -@@ -104,7 +104,7 @@ readIntVec(struct pci_device *dev, unsigned char *buf, int len) - { - void *map; - -- if (!pci_device_map_legacy(dev, 0, len, 0, &map)) -+ if (pci_device_map_legacy(dev, 0, len, 0, &map)) - return FALSE; - - memcpy(buf, map, len); --- -1.9.3 - diff --git a/0001-modesetting-Fix-software-cursor-fallback.patch b/0001-modesetting-Fix-software-cursor-fallback.patch deleted file mode 100644 index ffb0875..0000000 --- a/0001-modesetting-Fix-software-cursor-fallback.patch +++ /dev/null @@ -1,42 +0,0 @@ -From 63e4f22d5fe3d4247cb48c969b5f7f2690665d78 Mon Sep 17 00:00:00 2001 -From: Adel Gadllah -Date: Fri, 1 May 2015 17:21:12 +0200 -Subject: [PATCH] modesetting: Fix software cursor fallback -MIME-Version: 1.0 -Content-Type: text/plain; charset=UTF-8 -Content-Transfer-Encoding: 8bit - -The code in drmmode_set_cursor does not properly handle the case where -drmModeSetCursor2 returns any other error than EINVAL and silently fails to set -a cursor. - -So only return when the drmModeSetCursor2 succeeds (i.e returns 0) and disable -the cursor2 usage on EINVAL. - -References: https://bugzilla.redhat.com/show_bug.cgi?id=1205725 -Signed-off-by: Adel Gadllah -Reviewed-by: Michel Dänzer ---- - hw/xfree86/drivers/modesetting/drmmode_display.c | 4 ++-- - 1 file changed, 2 insertions(+), 2 deletions(-) - -diff --git a/hw/xfree86/drivers/modesetting/drmmode_display.c b/hw/xfree86/drivers/modesetting/drmmode_display.c -index 824500b..912abda 100644 ---- a/hw/xfree86/drivers/modesetting/drmmode_display.c -+++ b/hw/xfree86/drivers/modesetting/drmmode_display.c -@@ -396,10 +396,10 @@ drmmode_set_cursor(xf86CrtcPtr crtc) - drmModeSetCursor2(drmmode->fd, drmmode_crtc->mode_crtc->crtc_id, - handle, ms->cursor_width, ms->cursor_height, - cursor->bits->xhot, cursor->bits->yhot); -+ if (!ret) -+ return; - if (ret == -EINVAL) - use_set_cursor2 = FALSE; -- else -- return; - } - - ret = drmModeSetCursor(drmmode->fd, drmmode_crtc->mode_crtc->crtc_id, handle, --- -2.1.0 - diff --git a/0001-os-access-fix-regression-in-server-interpreted-auth.patch b/0001-os-access-fix-regression-in-server-interpreted-auth.patch deleted file mode 100644 index 57bc703..0000000 --- a/0001-os-access-fix-regression-in-server-interpreted-auth.patch +++ /dev/null @@ -1,34 +0,0 @@ -From 6b617438442aee010ae69e1134b5a6f34cbdc9fd Mon Sep 17 00:00:00 2001 -From: Dave Airlie -Date: Tue, 17 Feb 2015 14:38:21 +1000 -Subject: [PATCH] os/access: fix regression in server interpreted auth - -This was reported on irc on Fedora when rawhide went to 1.17.1. - -regression occured in: 2566835b4374edb3e5a8353d4f7c9e7ec4851c57 - os: Eliminate uninitialized value warnings from access.c - -siAddrMatch doesn't need addr to be a useful value, it checks -some things like localuser without having an address at all. - -Signed-off-by: Dave Airlie ---- - os/access.c | 2 +- - 1 file changed, 1 insertion(+), 1 deletion(-) - -diff --git a/os/access.c b/os/access.c -index 28f2d32..8fa028e 100644 ---- a/os/access.c -+++ b/os/access.c -@@ -1392,7 +1392,7 @@ InvalidHost(register struct sockaddr *saddr, int len, ClientPtr client) - } - for (host = validhosts; host; host = host->next) { - if (host->family == FamilyServerInterpreted) { -- if (addr && siAddrMatch(family, addr, len, host, client)) { -+ if (siAddrMatch(family, addr, len, host, client)) { - return 0; - } - } --- -1.9.3 - diff --git a/0001-present-make-unflip-work-when-the-flip-window-is-des.patch b/0001-present-make-unflip-work-when-the-flip-window-is-des.patch deleted file mode 100644 index 08f7d54..0000000 --- a/0001-present-make-unflip-work-when-the-flip-window-is-des.patch +++ /dev/null @@ -1,48 +0,0 @@ -From df3b03e05b5c826584fc75466f404b53844edcf4 Mon Sep 17 00:00:00 2001 -From: Chris Wilson -Date: Thu, 5 Feb 2015 14:11:40 -0500 -Subject: [PATCH] present: Copy unflip contents back to the Screen Pixmap - -As we unflip after the flip Window no longer passes the pixel ownership -test for the full Screen Pixmap, we can no longer utilize that Window to -copy the contents back to the backing pixmap. To first flip means that -the Window was originally backed by the Screen Pixmap and wholly covered -the Pixmap, thus we need to copy the last frame contents to the Screen -Pixmap when the flip chain is complete. - ---- - present/present.c | 8 ++++---- - 1 file changed, 4 insertions(+), 4 deletions(-) - -diff --git a/present/present.c b/present/present.c -index 8e4829e..a516575 100644 ---- a/present/present.c -+++ b/present/present.c -@@ -377,20 +377,20 @@ present_set_tree_pixmap(WindowPtr window, PixmapPtr pixmap) - present_unflip(ScreenPtr screen) - { - present_screen_priv_ptr screen_priv = present_screen_priv(screen); -+ PixmapPtr pixmap = (*screen->GetScreenPixmap)(screen); - - assert (!screen_priv->unflip_event_id); - assert (!screen_priv->flip_pending); - - if (screen_priv->flip_window) -- present_set_tree_pixmap(screen_priv->flip_window, -- (*screen->GetScreenPixmap)(screen)); -+ present_set_tree_pixmap(screen_priv->flip_window, pixmap); - -- present_set_tree_pixmap(screen->root, (*screen->GetScreenPixmap)(screen)); -+ present_set_tree_pixmap(screen->root, pixmap); - - /* Update the screen pixmap with the current flip pixmap contents - */ - if (screen_priv->flip_pixmap && screen_priv->flip_window) { -- present_copy_region(&screen_priv->flip_window->drawable, -+ present_copy_region(&pixmap->drawable, - screen_priv->flip_pixmap, - NULL, 0, 0); - } --- -2.1.0 - diff --git a/0001-sdksyms.sh-Make-sdksyms.sh-work-with-gcc5.patch b/0001-sdksyms.sh-Make-sdksyms.sh-work-with-gcc5.patch deleted file mode 100644 index 0e0b20d..0000000 --- a/0001-sdksyms.sh-Make-sdksyms.sh-work-with-gcc5.patch +++ /dev/null @@ -1,51 +0,0 @@ -From 612eb45a2e7a0b35cc3790870e6d0cc42eb50c74 Mon Sep 17 00:00:00 2001 -From: Hans de Goede -Date: Wed, 11 Feb 2015 16:26:40 +0100 -Subject: [PATCH] sdksyms.sh: Make sdksyms.sh work with gcc5. - -gcc5's cpp inserts patterns like this: - -extern - __attribute__((visibility("default"))) - int WaitForSomething(int * - ); - -This patch make sdksyms.sh work with this. Note my awk skills are weak, so -there likely is a better way to deal with this. - -Signed-off-by: Hans de Goede ---- - hw/xfree86/sdksyms.sh | 17 +++++++++++++++++ - 1 file changed, 17 insertions(+) - -diff --git a/hw/xfree86/sdksyms.sh b/hw/xfree86/sdksyms.sh -index 2305073..99b0cae 100755 ---- a/hw/xfree86/sdksyms.sh -+++ b/hw/xfree86/sdksyms.sh -@@ -350,6 +350,23 @@ BEGIN { - if (sdk) { - n = 3; - -+ # detect the following gcc5 cpp pattern and skip it: -+ # extern -+ # # 320 "../../include/os.h" 3 4 -+ # __attribute__((visibility("default"))) -+ # # 320 "../../include/os.h" -+ # Note in this case the "extern " or "extern void " always has -+ # a trailing space -+ if ($0 ~ "^extern.* $") { -+ getline; -+ getline; -+ getline; -+ getline; -+ n = 1; -+ while ($n == " ") -+ n++; -+ } -+ - # skip attribute, if any - while ($n ~ /^(__attribute__|__global)/ || - # skip modifiers, if any --- -2.1.0 - diff --git a/0001-xwayland-Enable-access-control-on-open-sockets-CVE-2.patch b/0001-xwayland-Enable-access-control-on-open-sockets-CVE-2.patch deleted file mode 100644 index c8045a4..0000000 --- a/0001-xwayland-Enable-access-control-on-open-sockets-CVE-2.patch +++ /dev/null @@ -1,90 +0,0 @@ -From d80ec479f17bf0931b9332b4f3959c19ec62aba1 Mon Sep 17 00:00:00 2001 -From: Ray Strode -Date: Thu, 23 Apr 2015 14:10:23 -0400 -Subject: [PATCH 1/3] xwayland: Enable access control on open sockets - [CVE-2015-3164 1/3] - -Xwayland currently allows wide-open access to the X sockets -it listens on, ignoring Xauth access control. - -This commit makes sure to enable access control on the sockets, -so one user can't snoop on another user's X-over-wayland -applications. - -Signed-off-by: Ray Strode -Reviewed-by: Daniel Stone -Reviewed-by: Alan Coopersmith ---- - hw/xwayland/xwayland.c | 2 +- - 1 file changed, 1 insertion(+), 1 deletion(-) - -diff --git a/hw/xwayland/xwayland.c b/hw/xwayland/xwayland.c -index 7e8d667..c5bee77 100644 ---- a/hw/xwayland/xwayland.c -+++ b/hw/xwayland/xwayland.c -@@ -456,61 +456,61 @@ block_handler(void *data, struct timeval **tv, void *read_mask) - FatalError("failed to dispatch Wayland events: %s\n", - strerror(errno)); - } - - xwl_screen->prepare_read = 1; - - ret = wl_display_flush(xwl_screen->display); - if (ret == -1) - FatalError("failed to write to XWayland fd: %s\n", strerror(errno)); - } - - static CARD32 - add_client_fd(OsTimerPtr timer, CARD32 time, void *arg) - { - struct xwl_screen *xwl_screen = arg; - - if (!AddClientOnOpenFD(xwl_screen->wm_fd)) - FatalError("Failed to add wm client\n"); - - TimerFree(timer); - - return 0; - } - - static void - listen_on_fds(struct xwl_screen *xwl_screen) - { - int i; - - for (i = 0; i < xwl_screen->listen_fd_count; i++) -- ListenOnOpenFD(xwl_screen->listen_fds[i], TRUE); -+ ListenOnOpenFD(xwl_screen->listen_fds[i], FALSE); - } - - static void - wm_selection_callback(CallbackListPtr *p, void *data, void *arg) - { - SelectionInfoRec *info = arg; - struct xwl_screen *xwl_screen = data; - static const char atom_name[] = "WM_S0"; - static Atom atom_wm_s0; - - if (atom_wm_s0 == None) - atom_wm_s0 = MakeAtom(atom_name, strlen(atom_name), TRUE); - if (info->selection->selection != atom_wm_s0 || - info->kind != SelectionSetOwner) - return; - - listen_on_fds(xwl_screen); - - DeleteCallback(&SelectionCallback, wm_selection_callback, xwl_screen); - } - - static Bool - xwl_screen_init(ScreenPtr pScreen, int argc, char **argv) - { - struct xwl_screen *xwl_screen; - Pixel red_mask, blue_mask, green_mask; - int ret, bpc, green_bpc, i; - - xwl_screen = calloc(sizeof *xwl_screen, 1); - if (xwl_screen == NULL) --- -2.3.7 - diff --git a/0002-os-support-new-implicit-local-user-access-mode-CVE-2.patch b/0002-os-support-new-implicit-local-user-access-mode-CVE-2.patch deleted file mode 100644 index ee60215..0000000 --- a/0002-os-support-new-implicit-local-user-access-mode-CVE-2.patch +++ /dev/null @@ -1,484 +0,0 @@ -From 6003510f40dd64f8cd1c060b6fd5ca40d48d3e6d Mon Sep 17 00:00:00 2001 -From: Ray Strode -Date: Thu, 23 Apr 2015 15:36:09 -0400 -Subject: [PATCH 2/3] os: support new implicit local user access mode - [CVE-2015-3164 2/3] - -If the X server is started without a '-auth' argument, then -it gets started wide open to all local users on the system. - -This isn't a great default access model, but changing it in -Xorg at this point would break backward compatibility. - -Xwayland, on the other hand is new, and much more targeted -in scope. It could, in theory, be changed to allow the much -more secure default of a "user who started X server can connect -clients to that server." - -This commit paves the way for that change, by adding a mechanism -for DDXs to opt-in to that behavior. They merely need to call - -LocalAccessScopeUser() - -in their init functions. - -A subsequent commit will add that call for Xwayland. - -Signed-off-by: Ray Strode -Reviewed-by: Daniel Stone -Reviewed-by: Alan Coopersmith ---- - include/os.h | 17 ++++++++++ - os/access.c | 109 +++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ - os/auth.c | 8 ++--- - 3 files changed, 130 insertions(+), 4 deletions(-) - -diff --git a/include/os.h b/include/os.h -index 3e68c49..3c3954f 100644 ---- a/include/os.h -+++ b/include/os.h -@@ -386,65 +386,82 @@ InvalidHost(sockaddrPtr /*saddr */ , int /*len */ , ClientPtr client); - #define LCC_ZID_SET (1 << 3) - - typedef struct { - int fieldsSet; /* Bit mask of fields set */ - int euid; /* Effective uid */ - int egid; /* Primary effective group id */ - int nSuppGids; /* Number of supplementary group ids */ - int *pSuppGids; /* Array of supplementary group ids */ - int pid; /* Process id */ - int zoneid; /* Only set on Solaris 10 & later */ - } LocalClientCredRec; - - extern _X_EXPORT int - GetLocalClientCreds(ClientPtr, LocalClientCredRec **); - extern _X_EXPORT void - FreeLocalClientCreds(LocalClientCredRec *); - - extern _X_EXPORT int - ChangeAccessControl(ClientPtr /*client */ , int /*fEnabled */ ); - - extern _X_EXPORT int - GetAccessControl(void); - - extern _X_EXPORT void - AddLocalHosts(void); - - extern _X_EXPORT void - ResetHosts(const char *display); - - extern _X_EXPORT void -+EnableLocalAccess(void); -+ -+extern _X_EXPORT void -+DisableLocalAccess(void); -+ -+extern _X_EXPORT void - EnableLocalHost(void); - - extern _X_EXPORT void - DisableLocalHost(void); - -+#ifndef NO_LOCAL_CLIENT_CRED -+extern _X_EXPORT void -+EnableLocalUser(void); -+ -+extern _X_EXPORT void -+DisableLocalUser(void); -+ -+extern _X_EXPORT void -+LocalAccessScopeUser(void); -+#endif -+ - extern _X_EXPORT void - AccessUsingXdmcp(void); - - extern _X_EXPORT void - DefineSelf(int /*fd */ ); - - #if XDMCP - extern _X_EXPORT void - AugmentSelf(void *from, int len); - - extern _X_EXPORT void - RegisterAuthorizations(void); - #endif - - extern _X_EXPORT void - InitAuthorization(const char * /*filename */ ); - - /* extern int LoadAuthorization(void); */ - - extern _X_EXPORT int - AuthorizationFromID(XID id, - unsigned short *name_lenp, - const char **namep, - unsigned short *data_lenp, char **datap); - - extern _X_EXPORT XID - CheckAuthorization(unsigned int /*namelength */ , - const char * /*name */ , - unsigned int /*datalength */ , - const char * /*data */ , -diff --git a/os/access.c b/os/access.c -index 28f2d32..c9f8a1f 100644 ---- a/os/access.c -+++ b/os/access.c -@@ -75,60 +75,64 @@ SOFTWARE. - * FROM, OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER - * DEALINGS IN THE SOFTWARE. - */ - - #ifdef HAVE_DIX_CONFIG_H - #include - #endif - - #ifdef WIN32 - #include - #endif - - #include - #include - #define XSERV_t - #define TRANS_SERVER - #define TRANS_REOPEN - #include - #include - #include - #include - #include "misc.h" - #include "site.h" - #include - #include - #ifndef WIN32 - #include - #include - #include - -+#ifndef NO_LOCAL_CLIENT_CRED -+#include -+#endif -+ - #if defined(TCPCONN) || defined(STREAMSCONN) - #include - #endif /* TCPCONN || STREAMSCONN */ - - #ifdef HAVE_GETPEERUCRED - #include - #ifdef sun - #include - #endif - #endif - - #if defined(SVR4) || (defined(SYSV) && defined(__i386__)) || defined(__GNU__) - #include - #endif - #if defined(SYSV) && defined(__i386__) - #include - #endif - #ifdef __GNU__ - #undef SIOCGIFCONF - #include - #else /*!__GNU__ */ - #include - #endif /*__GNU__ */ - - #ifdef SVR4 - #include - #include - #endif - - #include -@@ -198,97 +202,202 @@ static Bool NewHost(int /*family */ , - int /* addingLocalHosts */ ); - - /* XFree86 bug #156: To keep track of which hosts were explicitly requested in - /etc/X.hosts, we've added a requested field to the HOST struct, - and a LocalHostRequested variable. These default to FALSE, but are set - to TRUE in ResetHosts when reading in /etc/X.hosts. They are - checked in DisableLocalHost(), which is called to disable the default - local host entries when stronger authentication is turned on. */ - - typedef struct _host { - short family; - short len; - unsigned char *addr; - struct _host *next; - int requested; - } HOST; - - #define MakeHost(h,l) (h)=malloc(sizeof *(h)+(l));\ - if (h) { \ - (h)->addr=(unsigned char *) ((h) + 1);\ - (h)->requested = FALSE; \ - } - #define FreeHost(h) free(h) - static HOST *selfhosts = NULL; - static HOST *validhosts = NULL; - static int AccessEnabled = DEFAULT_ACCESS_CONTROL; - static int LocalHostEnabled = FALSE; - static int LocalHostRequested = FALSE; - static int UsingXdmcp = FALSE; - -+static enum { -+ LOCAL_ACCESS_SCOPE_HOST = 0, -+#ifndef NO_LOCAL_CLIENT_CRED -+ LOCAL_ACCESS_SCOPE_USER, -+#endif -+} LocalAccessScope; -+ - /* FamilyServerInterpreted implementation */ - static Bool siAddrMatch(int family, void *addr, int len, HOST * host, - ClientPtr client); - static int siCheckAddr(const char *addrString, int length); - static void siTypesInitialize(void); - - /* - * called when authorization is not enabled to add the - * local host to the access list - */ - - void -+EnableLocalAccess(void) -+{ -+ switch (LocalAccessScope) { -+ case LOCAL_ACCESS_SCOPE_HOST: -+ EnableLocalHost(); -+ break; -+#ifndef NO_LOCAL_CLIENT_CRED -+ case LOCAL_ACCESS_SCOPE_USER: -+ EnableLocalUser(); -+ break; -+#endif -+ } -+} -+ -+void - EnableLocalHost(void) - { - if (!UsingXdmcp) { - LocalHostEnabled = TRUE; - AddLocalHosts(); - } - } - - /* - * called when authorization is enabled to keep us secure - */ - void -+DisableLocalAccess(void) -+{ -+ switch (LocalAccessScope) { -+ case LOCAL_ACCESS_SCOPE_HOST: -+ DisableLocalHost(); -+ break; -+#ifndef NO_LOCAL_CLIENT_CRED -+ case LOCAL_ACCESS_SCOPE_USER: -+ DisableLocalUser(); -+ break; -+#endif -+ } -+} -+ -+void - DisableLocalHost(void) - { - HOST *self; - - if (!LocalHostRequested) /* Fix for XFree86 bug #156 */ - LocalHostEnabled = FALSE; - for (self = selfhosts; self; self = self->next) { - if (!self->requested) /* Fix for XFree86 bug #156 */ - (void) RemoveHost((ClientPtr) NULL, self->family, self->len, - (void *) self->addr); - } - } - -+#ifndef NO_LOCAL_CLIENT_CRED -+static int GetLocalUserAddr(char **addr) -+{ -+ static const char *type = "localuser"; -+ static const char delimiter = '\0'; -+ static const char *value; -+ struct passwd *pw; -+ int length = -1; -+ -+ pw = getpwuid(getuid()); -+ -+ if (pw == NULL || pw->pw_name == NULL) -+ goto out; -+ -+ value = pw->pw_name; -+ -+ length = asprintf(addr, "%s%c%s", type, delimiter, value); -+ -+ if (length == -1) { -+ goto out; -+ } -+ -+ /* Trailing NUL */ -+ length++; -+ -+out: -+ return length; -+} -+ -+void -+EnableLocalUser(void) -+{ -+ char *addr = NULL; -+ int length = -1; -+ -+ length = GetLocalUserAddr(&addr); -+ -+ if (length == -1) -+ return; -+ -+ NewHost(FamilyServerInterpreted, addr, length, TRUE); -+ -+ free(addr); -+} -+ -+void -+DisableLocalUser(void) -+{ -+ char *addr = NULL; -+ int length = -1; -+ -+ length = GetLocalUserAddr(&addr); -+ -+ if (length == -1) -+ return; -+ -+ RemoveHost(NULL, FamilyServerInterpreted, length, addr); -+ -+ free(addr); -+} -+ -+void -+LocalAccessScopeUser(void) -+{ -+ LocalAccessScope = LOCAL_ACCESS_SCOPE_USER; -+} -+#endif -+ - /* - * called at init time when XDMCP will be used; xdmcp always - * adds local hosts manually when needed - */ - - void - AccessUsingXdmcp(void) - { - UsingXdmcp = TRUE; - LocalHostEnabled = FALSE; - } - - #if defined(SVR4) && !defined(sun) && defined(SIOCGIFCONF) && !defined(USE_SIOCGLIFCONF) - - /* Deal with different SIOCGIFCONF ioctl semantics on these OSs */ - - static int - ifioctl(int fd, int cmd, char *arg) - { - struct strioctl ioc; - int ret; - - memset((char *) &ioc, 0, sizeof(ioc)); - ioc.ic_cmd = cmd; - ioc.ic_timout = 0; - if (cmd == SIOCGIFCONF) { - ioc.ic_len = ((struct ifconf *) arg)->ifc_len; - ioc.ic_dp = ((struct ifconf *) arg)->ifc_buf; - } - else { -diff --git a/os/auth.c b/os/auth.c -index 5fcb538..7da6fc6 100644 ---- a/os/auth.c -+++ b/os/auth.c -@@ -154,78 +154,78 @@ RegisterAuthorizations(void) - (int) protocols[i].name_length); - } - #endif - - XID - CheckAuthorization(unsigned int name_length, - const char *name, - unsigned int data_length, - const char *data, ClientPtr client, const char **reason) - { /* failure message. NULL for default msg */ - int i; - struct stat buf; - static time_t lastmod = 0; - static Bool loaded = FALSE; - - if (!authorization_file || stat(authorization_file, &buf)) { - if (lastmod != 0) { - lastmod = 0; - ShouldLoadAuth = TRUE; /* stat lost, so force reload */ - } - } - else if (buf.st_mtime > lastmod) { - lastmod = buf.st_mtime; - ShouldLoadAuth = TRUE; - } - if (ShouldLoadAuth) { - int loadauth = LoadAuthorization(); - - /* - * If the authorization file has at least one entry for this server, -- * disable local host access. (loadauth > 0) -+ * disable local access. (loadauth > 0) - * - * If there are zero entries (either initially or when the - * authorization file is later reloaded), or if a valid -- * authorization file was never loaded, enable local host access. -+ * authorization file was never loaded, enable local access. - * (loadauth == 0 || !loaded) - * - * If the authorization file was loaded initially (with valid - * entries for this server), and reloading it later fails, don't - * change anything. (loadauth == -1 && loaded) - */ - - if (loadauth > 0) { -- DisableLocalHost(); /* got at least one */ -+ DisableLocalAccess(); /* got at least one */ - loaded = TRUE; - } - else if (loadauth == 0 || !loaded) -- EnableLocalHost(); -+ EnableLocalAccess(); - } - if (name_length) { - for (i = 0; i < NUM_AUTHORIZATION; i++) { - if (protocols[i].name_length == name_length && - memcmp(protocols[i].name, name, (int) name_length) == 0) { - return (*protocols[i].Check) (data_length, data, client, - reason); - } - *reason = "Protocol not supported by server\n"; - } - } - else - *reason = "No protocol specified\n"; - return (XID) ~0L; - } - - void - ResetAuthorization(void) - { - int i; - - for (i = 0; i < NUM_AUTHORIZATION; i++) - if (protocols[i].Reset) - (*protocols[i].Reset) (); - ShouldLoadAuth = TRUE; - } - - int - AuthorizationFromID(XID id, - unsigned short *name_lenp, --- -2.3.7 - diff --git a/0003-xwayland-default-to-local-user-if-no-xauth-file-give.patch b/0003-xwayland-default-to-local-user-if-no-xauth-file-give.patch deleted file mode 100644 index ad73c8f..0000000 --- a/0003-xwayland-default-to-local-user-if-no-xauth-file-give.patch +++ /dev/null @@ -1,63 +0,0 @@ -From fc11a1d595222932af192e7aef551b98cd3393f2 Mon Sep 17 00:00:00 2001 -From: Ray Strode -Date: Thu, 23 Apr 2015 15:39:50 -0400 -Subject: [PATCH 3/3] xwayland: default to local user if no xauth file given. - [CVE-2015-3164 3/3] - -Right now if "-auth" isn't passed on the command line, we let -any user on the system connect to the Xwayland server. - -That's clearly suboptimal, given Xwayland is generally designed -to be used by one user at a time. - -This commit changes the behavior, so only the user who started the -X server can connect clients to it. - -Signed-off-by: Ray Strode -Reviewed-by: Daniel Stone -Reviewed-by: Alan Coopersmith ---- - hw/xwayland/xwayland.c | 2 ++ - 1 file changed, 2 insertions(+) - -diff --git a/hw/xwayland/xwayland.c b/hw/xwayland/xwayland.c -index c5bee77..bc92beb 100644 ---- a/hw/xwayland/xwayland.c -+++ b/hw/xwayland/xwayland.c -@@ -675,31 +675,33 @@ static const ExtensionModule xwayland_extensions[] = { - void - InitOutput(ScreenInfo * screen_info, int argc, char **argv) - { - int depths[] = { 1, 4, 8, 15, 16, 24, 32 }; - int bpp[] = { 1, 8, 8, 16, 16, 32, 32 }; - int i; - - for (i = 0; i < ARRAY_SIZE(depths); i++) { - screen_info->formats[i].depth = depths[i]; - screen_info->formats[i].bitsPerPixel = bpp[i]; - screen_info->formats[i].scanlinePad = BITMAP_SCANLINE_PAD; - } - - screen_info->imageByteOrder = IMAGE_BYTE_ORDER; - screen_info->bitmapScanlineUnit = BITMAP_SCANLINE_UNIT; - screen_info->bitmapScanlinePad = BITMAP_SCANLINE_PAD; - screen_info->bitmapBitOrder = BITMAP_BIT_ORDER; - screen_info->numPixmapFormats = ARRAY_SIZE(depths); - - LoadExtensionList(xwayland_extensions, - ARRAY_SIZE(xwayland_extensions), FALSE); - - /* Cast away warning from missing printf annotation for - * wl_log_func_t. Wayland 1.5 will have the annotation, so we can - * remove the cast and require that when it's released. */ - wl_log_set_handler_client((void *) xwl_log_handler); - - if (AddScreen(xwl_screen_init, argc, argv) == -1) { - FatalError("Couldn't add screen\n"); - } -+ -+ LocalAccessScopeUser(); - } --- -2.3.7 - diff --git a/sources b/sources index 72d7c14..381de52 100644 --- a/sources +++ b/sources @@ -1 +1 @@ -5986510d59e394a50126a8e2833e79d3 xorg-server-1.17.1.tar.bz2 +397e405566651150490ff493e463f1ad xorg-server-1.17.2.tar.bz2 diff --git a/systemd-logind-dont-second-guess-D-Bus-default-tim.patch b/systemd-logind-dont-second-guess-D-Bus-default-tim.patch deleted file mode 100644 index 0245211..0000000 --- a/systemd-logind-dont-second-guess-D-Bus-default-tim.patch +++ /dev/null @@ -1,446 +0,0 @@ -From 89250c82a01062775f8f840737a757125138fbce Mon Sep 17 00:00:00 2001 -From: Ray Strode -Date: Fri, 10 Apr 2015 14:19:50 -0400 -Subject: [PATCH] systemd-logind: don't second guess D-Bus default timeout - -At the moment, the X server uses a non-default timeout for D-Bus -messages to systemd-logind. The only timeouts normally used with -D-Bus are: - -1) Infinite -2) Default - -Anything else is just as arbitrary as Default, and so rarely makes -sense to use instead of Default. - -Put another way, there's little reason to be fault tolerant against -a local root running daemon (logind), that in some configurations, the -X server already depends on for proper functionality. - -This commit changes systemd-logind to just use the default timeouts. - -https://bugzilla.redhat.com/show_bug.cgi?id=1209347 ---- - hw/xfree86/os-support/linux/systemd-logind.c | 14 ++++++-------- - 1 file changed, 6 insertions(+), 8 deletions(-) - -diff --git a/hw/xfree86/os-support/linux/systemd-logind.c b/hw/xfree86/os-support/linux/systemd-logind.c -index 57c87c0..4ad41a3 100644 ---- a/hw/xfree86/os-support/linux/systemd-logind.c -+++ b/hw/xfree86/os-support/linux/systemd-logind.c -@@ -13,62 +13,60 @@ - * Software. - * - * THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR - * IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY, - * FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL - * THE AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER - * LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING - * FROM, OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER - * DEALINGS IN THE SOFTWARE. - * - * Author: Hans de Goede - */ - - #ifdef HAVE_XORG_CONFIG_H - #include - #endif - - #include - #include - #include - #include - - #include "os.h" - #include "dbus-core.h" - #include "xf86.h" - #include "xf86platformBus.h" - #include "xf86Xinput.h" - - #include "systemd-logind.h" - --#define DBUS_TIMEOUT 500 /* Wait max 0.5 seconds */ -- - struct systemd_logind_info { - DBusConnection *conn; - char *session; - Bool active; - Bool vt_active; - }; - - static struct systemd_logind_info logind_info; - - static InputInfoPtr - systemd_logind_find_info_ptr_by_devnum(InputInfoPtr start, - int major, int minor) - { - InputInfoPtr pInfo; - - for (pInfo = start; pInfo; pInfo = pInfo->next) - if (pInfo->major == major && pInfo->minor == minor && - (pInfo->flags & XI86_SERVER_FD)) - return pInfo; - - return NULL; - } - - static void - systemd_logind_set_input_fd_for_all_devs(int major, int minor, int fd, - Bool enable) - { - InputInfoPtr pInfo; - - pInfo = systemd_logind_find_info_ptr_by_devnum(xf86InputDevs, major, minor); -@@ -103,61 +101,61 @@ systemd_logind_take_fd(int _major, int _minor, const char *path, - if (strstr(path, "mouse")) - return -1; - - /* Check if we already have an InputInfo entry with this major, minor - * (shared device-nodes happen ie with Wacom tablets). */ - pInfo = systemd_logind_find_info_ptr_by_devnum(xf86InputDevs, major, minor); - if (pInfo) { - LogMessage(X_INFO, "systemd-logind: returning pre-existing fd for %s %u:%u\n", - path, major, minor); - *paused_ret = FALSE; - return pInfo->fd; - } - - dbus_error_init(&error); - - msg = dbus_message_new_method_call("org.freedesktop.login1", info->session, - "org.freedesktop.login1.Session", "TakeDevice"); - if (!msg) { - LogMessage(X_ERROR, "systemd-logind: out of memory\n"); - goto cleanup; - } - - if (!dbus_message_append_args(msg, DBUS_TYPE_UINT32, &major, - DBUS_TYPE_UINT32, &minor, - DBUS_TYPE_INVALID)) { - LogMessage(X_ERROR, "systemd-logind: out of memory\n"); - goto cleanup; - } - - reply = dbus_connection_send_with_reply_and_block(info->conn, msg, -- DBUS_TIMEOUT, &error); -+ DBUS_TIMEOUT_USE_DEFAULT, &error); - if (!reply) { - LogMessage(X_ERROR, "systemd-logind: failed to take device %s: %s\n", - path, error.message); - goto cleanup; - } - - if (!dbus_message_get_args(reply, &error, - DBUS_TYPE_UNIX_FD, &fd, - DBUS_TYPE_BOOLEAN, &paused, - DBUS_TYPE_INVALID)) { - LogMessage(X_ERROR, "systemd-logind: TakeDevice %s: %s\n", - path, error.message); - goto cleanup; - } - - *paused_ret = paused; - - LogMessage(X_INFO, "systemd-logind: got fd for %s %u:%u fd %d paused %d\n", - path, major, minor, fd, paused); - - cleanup: - if (msg) - dbus_message_unref(msg); - if (reply) - dbus_message_unref(reply); - dbus_error_free(&error); - - return fd; - } - -@@ -180,61 +178,61 @@ systemd_logind_release_fd(int _major, int _minor, int fd) - * and minor, otherwise other InputInfo's are still referencing the fd. */ - pInfo = systemd_logind_find_info_ptr_by_devnum(xf86InputDevs, major, minor); - while (pInfo) { - matches++; - pInfo = systemd_logind_find_info_ptr_by_devnum(pInfo->next, major, minor); - } - if (matches > 1) { - LogMessage(X_INFO, "systemd-logind: not releasing fd for %u:%u, still in use\n", major, minor); - return; - } - - LogMessage(X_INFO, "systemd-logind: releasing fd for %u:%u\n", major, minor); - - dbus_error_init(&error); - - msg = dbus_message_new_method_call("org.freedesktop.login1", info->session, - "org.freedesktop.login1.Session", "ReleaseDevice"); - if (!msg) { - LogMessage(X_ERROR, "systemd-logind: out of memory\n"); - goto cleanup; - } - - if (!dbus_message_append_args(msg, DBUS_TYPE_UINT32, &major, - DBUS_TYPE_UINT32, &minor, - DBUS_TYPE_INVALID)) { - LogMessage(X_ERROR, "systemd-logind: out of memory\n"); - goto cleanup; - } - - reply = dbus_connection_send_with_reply_and_block(info->conn, msg, -- DBUS_TIMEOUT, &error); -+ DBUS_TIMEOUT_USE_DEFAULT, &error); - if (!reply) - LogMessage(X_ERROR, "systemd-logind: failed to release device: %s\n", - error.message); - - cleanup: - if (msg) - dbus_message_unref(msg); - if (reply) - dbus_message_unref(reply); - dbus_error_free(&error); - close: - if (fd != -1) - close(fd); - } - - int - systemd_logind_controls_session(void) - { - return logind_info.session ? 1 : 0; - } - - void - systemd_logind_vtenter(void) - { - struct systemd_logind_info *info = &logind_info; - InputInfoPtr pInfo; - int i; - - if (!info->session) - return; /* Not using systemd-logind */ -@@ -262,61 +260,61 @@ systemd_logind_vtenter(void) - - /* Do delayed input probing, this must be done after the above enabling */ - xf86InputEnableVTProbe(); - } - - static void - systemd_logind_ack_pause(struct systemd_logind_info *info, - dbus_int32_t minor, dbus_int32_t major) - { - DBusError error; - DBusMessage *msg = NULL; - DBusMessage *reply = NULL; - - dbus_error_init(&error); - - msg = dbus_message_new_method_call("org.freedesktop.login1", info->session, - "org.freedesktop.login1.Session", "PauseDeviceComplete"); - if (!msg) { - LogMessage(X_ERROR, "systemd-logind: out of memory\n"); - goto cleanup; - } - - if (!dbus_message_append_args(msg, DBUS_TYPE_UINT32, &major, - DBUS_TYPE_UINT32, &minor, - DBUS_TYPE_INVALID)) { - LogMessage(X_ERROR, "systemd-logind: out of memory\n"); - goto cleanup; - } - - reply = dbus_connection_send_with_reply_and_block(info->conn, msg, -- DBUS_TIMEOUT, &error); -+ DBUS_TIMEOUT_USE_DEFAULT, &error); - if (!reply) - LogMessage(X_ERROR, "systemd-logind: failed to ack pause: %s\n", - error.message); - - cleanup: - if (msg) - dbus_message_unref(msg); - if (reply) - dbus_message_unref(reply); - dbus_error_free(&error); - } - - static DBusHandlerResult - message_filter(DBusConnection * connection, DBusMessage * message, void *data) - { - struct systemd_logind_info *info = data; - struct xf86_platform_device *pdev = NULL; - InputInfoPtr pInfo = NULL; - int ack = 0, pause = 0, fd = -1; - DBusError error; - dbus_int32_t major, minor; - char *pause_str; - - if (dbus_message_get_type (message) != DBUS_MESSAGE_TYPE_SIGNAL) - return DBUS_HANDLER_RESULT_NOT_YET_HANDLED; - - dbus_error_init(&error); - - if (dbus_message_is_signal(message, - "org.freedesktop.DBus", "NameOwnerChanged")) { -@@ -430,96 +428,96 @@ message_filter(DBusConnection * connection, DBusMessage * message, void *data) - } - - static void - connect_hook(DBusConnection *connection, void *data) - { - struct systemd_logind_info *info = data; - DBusError error; - DBusMessage *msg = NULL; - DBusMessage *reply = NULL; - dbus_int32_t arg; - char *session = NULL; - - dbus_error_init(&error); - - msg = dbus_message_new_method_call("org.freedesktop.login1", - "/org/freedesktop/login1", "org.freedesktop.login1.Manager", - "GetSessionByPID"); - if (!msg) { - LogMessage(X_ERROR, "systemd-logind: out of memory\n"); - goto cleanup; - } - - arg = getpid(); - if (!dbus_message_append_args(msg, DBUS_TYPE_UINT32, &arg, - DBUS_TYPE_INVALID)) { - LogMessage(X_ERROR, "systemd-logind: out of memory\n"); - goto cleanup; - } - - reply = dbus_connection_send_with_reply_and_block(connection, msg, -- DBUS_TIMEOUT, &error); -+ DBUS_TIMEOUT_USE_DEFAULT, &error); - if (!reply) { - LogMessage(X_ERROR, "systemd-logind: failed to get session: %s\n", - error.message); - goto cleanup; - } - dbus_message_unref(msg); - - if (!dbus_message_get_args(reply, &error, DBUS_TYPE_OBJECT_PATH, &session, - DBUS_TYPE_INVALID)) { - LogMessage(X_ERROR, "systemd-logind: GetSessionByPID: %s\n", - error.message); - goto cleanup; - } - session = XNFstrdup(session); - - dbus_message_unref(reply); - reply = NULL; - - - msg = dbus_message_new_method_call("org.freedesktop.login1", - session, "org.freedesktop.login1.Session", "TakeControl"); - if (!msg) { - LogMessage(X_ERROR, "systemd-logind: out of memory\n"); - goto cleanup; - } - - arg = FALSE; /* Don't forcibly take over over the session */ - if (!dbus_message_append_args(msg, DBUS_TYPE_BOOLEAN, &arg, - DBUS_TYPE_INVALID)) { - LogMessage(X_ERROR, "systemd-logind: out of memory\n"); - goto cleanup; - } - - reply = dbus_connection_send_with_reply_and_block(connection, msg, -- DBUS_TIMEOUT, &error); -+ DBUS_TIMEOUT_USE_DEFAULT, &error); - if (!reply) { - LogMessage(X_ERROR, "systemd-logind: TakeControl failed: %s\n", - error.message); - goto cleanup; - } - - dbus_bus_add_match(connection, - "type='signal',sender='org.freedesktop.DBus',interface='org.freedesktop.DBus',member='NameOwnerChanged',path='/org/freedesktop/DBus'", - &error); - if (dbus_error_is_set(&error)) { - LogMessage(X_ERROR, "systemd-logind: could not add match: %s\n", - error.message); - goto cleanup; - } - - /* - * HdG: This is not useful with systemd <= 208 since the signal only - * contains invalidated property names there, rather than property, val - * pairs as it should. Instead we just use the first resume / pause now. - */ - #if 0 - snprintf(match, sizeof(match), - "type='signal',sender='org.freedesktop.login1',interface='org.freedesktop.DBus.Properties',member='PropertiesChanged',path='%s'", - session); - dbus_bus_add_match(connection, match, &error); - if (dbus_error_is_set(&error)) { - LogMessage(X_ERROR, "systemd-logind: could not add match: %s\n", - error.message); - goto cleanup; - } -@@ -537,61 +535,61 @@ connect_hook(DBusConnection *connection, void *data) - info->session = session; - info->vt_active = info->active = TRUE; /* The server owns the vt during init */ - session = NULL; - - cleanup: - free(session); - if (msg) - dbus_message_unref(msg); - if (reply) - dbus_message_unref(reply); - dbus_error_free(&error); - } - - static void - systemd_logind_release_control(struct systemd_logind_info *info) - { - DBusError error; - DBusMessage *msg = NULL; - DBusMessage *reply = NULL; - - dbus_error_init(&error); - - msg = dbus_message_new_method_call("org.freedesktop.login1", - info->session, "org.freedesktop.login1.Session", "ReleaseControl"); - if (!msg) { - LogMessage(X_ERROR, "systemd-logind: out of memory\n"); - goto cleanup; - } - - reply = dbus_connection_send_with_reply_and_block(info->conn, msg, -- DBUS_TIMEOUT, &error); -+ DBUS_TIMEOUT_USE_DEFAULT, &error); - if (!reply) { - LogMessage(X_ERROR, "systemd-logind: ReleaseControl failed: %s\n", - error.message); - goto cleanup; - } - - cleanup: - if (msg) - dbus_message_unref(msg); - if (reply) - dbus_message_unref(reply); - dbus_error_free(&error); - } - - static void - disconnect_hook(void *data) - { - struct systemd_logind_info *info = data; - - free(info->session); - info->session = NULL; - info->conn = NULL; - } - - static struct dbus_core_hook core_hook = { - .connect = connect_hook, - .disconnect = disconnect_hook, - .data = &logind_info, - }; - --- -2.3.3 \ No newline at end of file diff --git a/systemd-logind-filter-out-non-signal-messages-from.patch b/systemd-logind-filter-out-non-signal-messages-from.patch deleted file mode 100644 index af319c5..0000000 --- a/systemd-logind-filter-out-non-signal-messages-from.patch +++ /dev/null @@ -1,90 +0,0 @@ -From e90798c142dedc4fd296936b69fe34a40d0aa35a Mon Sep 17 00:00:00 2001 -From: Ray Strode -Date: Fri, 10 Apr 2015 14:19:50 -0400 -Subject: [PATCH] systemd-logind: filter out non-signal messages from message - filter - -It's possible to receive a message reply in the message filter if a -previous message call timed out locally before the reply arrived. - -The message_filter function only handles signals, at the moment, and -does not properly handle message replies. - -This commit changes the message_filter function to filter out all -non-signal messages, including spurious message replies. - -https://bugzilla.redhat.com/show_bug.cgi?id=1209347 ---- - hw/xfree86/os-support/linux/systemd-logind.c | 3 +++ - 1 file changed, 3 insertions(+) - -diff --git a/hw/xfree86/os-support/linux/systemd-logind.c b/hw/xfree86/os-support/linux/systemd-logind.c -index 49758f4..57c87c0 100644 ---- a/hw/xfree86/os-support/linux/systemd-logind.c -+++ b/hw/xfree86/os-support/linux/systemd-logind.c -@@ -286,60 +286,63 @@ systemd_logind_ack_pause(struct systemd_logind_info *info, - DBUS_TYPE_INVALID)) { - LogMessage(X_ERROR, "systemd-logind: out of memory\n"); - goto cleanup; - } - - reply = dbus_connection_send_with_reply_and_block(info->conn, msg, - DBUS_TIMEOUT, &error); - if (!reply) - LogMessage(X_ERROR, "systemd-logind: failed to ack pause: %s\n", - error.message); - - cleanup: - if (msg) - dbus_message_unref(msg); - if (reply) - dbus_message_unref(reply); - dbus_error_free(&error); - } - - static DBusHandlerResult - message_filter(DBusConnection * connection, DBusMessage * message, void *data) - { - struct systemd_logind_info *info = data; - struct xf86_platform_device *pdev = NULL; - InputInfoPtr pInfo = NULL; - int ack = 0, pause = 0, fd = -1; - DBusError error; - dbus_int32_t major, minor; - char *pause_str; - -+ if (dbus_message_get_type (message) != DBUS_MESSAGE_TYPE_SIGNAL) -+ return DBUS_HANDLER_RESULT_NOT_YET_HANDLED; -+ - dbus_error_init(&error); - - if (dbus_message_is_signal(message, - "org.freedesktop.DBus", "NameOwnerChanged")) { - char *name, *old_owner, *new_owner; - - dbus_message_get_args(message, &error, - DBUS_TYPE_STRING, &name, - DBUS_TYPE_STRING, &old_owner, - DBUS_TYPE_STRING, &new_owner, DBUS_TYPE_INVALID); - if (dbus_error_is_set(&error)) { - LogMessage(X_ERROR, "systemd-logind: NameOwnerChanged: %s\n", - error.message); - dbus_error_free(&error); - return DBUS_HANDLER_RESULT_NOT_YET_HANDLED; - } - - if (name && strcmp(name, "org.freedesktop.login1") == 0) - FatalError("systemd-logind disappeared (stopped/restarted?)\n"); - - return DBUS_HANDLER_RESULT_NOT_YET_HANDLED; - } - - if (strcmp(dbus_message_get_path(message), info->session) != 0) - return DBUS_HANDLER_RESULT_NOT_YET_HANDLED; - - if (dbus_message_is_signal(message, "org.freedesktop.login1.Session", - "PauseDevice")) { - if (!dbus_message_get_args(message, &error, - DBUS_TYPE_UINT32, &major, --- -2.3.3 \ No newline at end of file diff --git a/xorg-x11-server.spec b/xorg-x11-server.spec index 715b491..994d8a1 100644 --- a/xorg-x11-server.spec +++ b/xorg-x11-server.spec @@ -44,8 +44,8 @@ Summary: X.Org X11 X server Name: xorg-x11-server -Version: 1.17.1 -Release: 16%{?gitdate:.%{gitdate}}%{dist} +Version: 1.17.2 +Release: 1%{?gitdate:.%{gitdate}}%{dist} URL: http://www.x.org License: MIT Group: User Interface/X @@ -85,13 +85,6 @@ Patch5002: xserver-1.4.99-ssh-isnt-local.patch Patch6030: xserver-1.6.99-right-of.patch #Patch6044: xserver-1.6.99-hush-prerelease-warning.patch -# https://bugzilla.gnome.org/show_bug.cgi?id=737226 -Patch6045: 0001-present-make-unflip-work-when-the-flip-window-is-des.patch - -# https://bugzilla.redhat.com/show_bug.cgi?id=1209347 -Patch6055: systemd-logind-filter-out-non-signal-messages-from.patch -Patch6056: systemd-logind-dont-second-guess-D-Bus-default-tim.patch - Patch7025: 0001-Always-install-vbe-and-int10-sdk-headers.patch # do not upstream - do not even use here yet @@ -100,40 +93,20 @@ Patch7027: xserver-autobind-hotplug.patch # submitted: http://lists.x.org/archives/xorg-devel/2013-October/037996.html Patch9100: exa-only-draw-valid-trapezoids.patch -# submitted upstream: regression in 1.17.0 -Patch9200: 0001-os-access-fix-regression-in-server-interpreted-auth.patch - # because the display-managers are not ready yet, do not upstream Patch10000: 0001-Fedora-hack-Make-the-suid-root-wrapper-always-start-.patch -# Fix build with gcc5, submitted upstream, likely needs a better fix -Patch10001: 0001-sdksyms.sh-Make-sdksyms.sh-work-with-gcc5.patch - -Patch10002: 0001-int10-Fix-mapping-the-interrupt-vector.patch -Patch10003: 0001-include-Fix-endianness-setup.patch - # rhbz1203780, submitted upstream Patch10004: 0001-linux-Add-linux_parse_vt_settings-and-linux_get_keep.patch Patch10005: 0002-linux-Add-a-may_fail-paramter-to-linux_parse_vt_sett.patch Patch10006: 0003-systemd-logind-Only-use-systemd-logind-integration-t.patch -# rhbz1205725, submitted upstream -Patch10007: 0001-modesetting-Fix-software-cursor-fallback.patch - # rhbz1208992: Mouse cursor doesn't move when moving the physical mouse # slowly. # already upstream Patch10010: 0001-dix-Add-unaccelerated-valuators-to-the-ValuatorMask.patch Patch10011: 0002-dix-hook-up-the-unaccelerated-valuator-masks.patch -# glamor fix from RHEL7 fix sent upstream -Patch10020: 0001-glamor-don-t-do-render-ops-with-matching-source-dest.patch - -# CVE-2015-3164 -Patch201531640: 0001-xwayland-Enable-access-control-on-open-sockets-CVE-2.patch -Patch201531641: 0002-os-support-new-implicit-local-user-access-mode-CVE-2.patch -Patch201531642: 0003-xwayland-default-to-local-user-if-no-xauth-file-give.patch - %global moduledir %{_libdir}/xorg/modules %global drimoduledir %{_libdir}/dri %global sdkdir %{_includedir}/xorg @@ -671,6 +644,9 @@ find %{inst_srcdir}/hw/xfree86 -name \*.c -delete %changelog +* Tue Jun 16 2015 Adam Jackson 1.17.2-1 +- xserver 1.17.2 + * Tue Jun 16 2015 Dave Airlie 1.17.1-16 - fix bug with glamor and overlapping copies