xserver: Branch 'mpx' - 35 commits
Peter Hutterer
whot at kemper.freedesktop.org
Wed Jan 30 21:58:52 PST 2008
GL/glx/glxdri.c | 82 +++++---
Xext/EVI.c | 15 +
Xext/Makefile.am | 2
Xext/cup.c | 3
Xext/sampleEVI.c | 31 ++-
Xext/shm.c | 50 ++++-
Xext/xace.c | 198 +--------------------
Xext/xace.h | 10 -
Xext/xselinux.c | 301 +++++++++++++++++++++-----------
Xext/xselinux.h | 10 -
Xext/xvdisp.c | 6
Xi/chgfctl.c | 7
Xi/chgkmap.c | 14 -
Xi/chgprop.c | 10 -
Xi/grabdev.c | 12 -
Xi/grabdevb.c | 10 -
Xi/grabdevk.c | 9
Xi/selectev.c | 11 -
Xi/sendexev.c | 14 -
configure.ac | 2
dix/dispatch.c | 5
dix/dixfonts.c | 7
dix/window.c | 3
exa/exa.h | 3
exa/exa_priv.h | 3
hw/kdrive/ephyr/ephyr.c | 3
hw/kdrive/ephyr/ephyrdriext.c | 2
hw/kdrive/ephyr/ephyrlog.h | 4
hw/kdrive/ephyr/hostx.c | 20 +-
hw/kdrive/src/kinput.c | 4
hw/xfree86/common/xf86MiscExt.c | 4
hw/xfree86/dixmods/extmod/modinit.c | 9
hw/xfree86/dixmods/extmod/modinit.h | 5
hw/xfree86/modes/xf86Cursors.c | 2
hw/xfree86/modes/xf86EdidModes.c | 37 ++-
hw/xfree86/os-support/linux/lnx_video.c | 11 -
hw/xquartz/X11Application.h | 1
hw/xquartz/X11Application.m | 7
hw/xquartz/X11Controller.m | 2
hw/xquartz/bundle/Info.plist | 2
hw/xquartz/bundle/Makefile.am | 2
hw/xquartz/bundle/bundle-main.c | 3
mi/miinitext.c | 15 -
os/io.c | 2
xkb/xkbUtils.c | 1
45 files changed, 496 insertions(+), 458 deletions(-)
New commits:
commit 6c38682084e24b18bac0ea75729b1183aeb01600
Author: Benjamin Tissoires <tissoire at cena.fr>
Date: Thu Jan 31 15:51:32 2008 +1030
kdrive: AddInputClient takes a ClientPtr.
diff --git a/hw/kdrive/src/kinput.c b/hw/kdrive/src/kinput.c
index c7c10e4..5b1dc5c 100644
--- a/hw/kdrive/src/kinput.c
+++ b/hw/kdrive/src/kinput.c
@@ -1015,7 +1015,7 @@ KdAddKeyboard (KdKeyboardInfo *ki)
if (!ki)
return !Success;
- ki->dixdev = AddInputDevice(KdKeyboardProc, TRUE);
+ ki->dixdev = AddInputDevice(serverClient, KdKeyboardProc, TRUE);
if (!ki->dixdev) {
ErrorF("Couldn't register keyboard device %s\n",
ki->name ? ki->name : "(unnamed)");
@@ -1084,7 +1084,7 @@ KdAddPointer (KdPointerInfo *pi)
pi->mouseState = start;
pi->eventHeld = FALSE;
- pi->dixdev = AddInputDevice(KdPointerProc, TRUE);
+ pi->dixdev = AddInputDevice(serverClient, KdPointerProc, TRUE);
if (!pi->dixdev) {
ErrorF("Couldn't add pointer device %s\n",
pi->name ? pi->name : "(unnamed)");
commit 0ac175597712edfeae676f536746a4d26d625e30
Merge: 210eeef... e915a26...
Author: Peter Hutterer <peter at cs.unisa.edu.au>
Date: Sat Jan 26 13:55:07 2008 +1030
Merge branch 'master' into mpx
Conflicts:
Xext/sampleEVI.c
diff --cc Xext/sampleEVI.c
index 5dd6e45,b871bfd..a389efe
--- a/Xext/sampleEVI.c
+++ b/Xext/sampleEVI.c
@@@ -42,14 -49,16 +49,16 @@@ static int sampleGetVisualInfo
VisualID32 **conflict_rn,
int *n_conflict_rn)
{
- int max_sz_evi = n_visual * sz_xExtendedVisualInfo * screenInfo.numScreens;
+ unsigned int max_sz_evi;
VisualID32 *temp_conflict;
xExtendedVisualInfo *evi;
- int max_visuals = 0, max_sz_conflict, sz_conflict = 0;
- int visualI, scrI, sz_evi = 0, conflictI, n_conflict;
- *evi_rn = evi = (xExtendedVisualInfo *)xalloc(max_sz_evi);
- if (!*evi_rn)
- return BadAlloc;
+ unsigned int max_visuals = 0, max_sz_conflict, sz_conflict = 0;
+ register int visualI, scrI, sz_evi = 0, conflictI, n_conflict;
+
+ if (n_visual > UINT32_MAX/(sz_xExtendedVisualInfo * screenInfo.numScreens))
+ return BadAlloc;
+ max_sz_evi = n_visual * sz_xExtendedVisualInfo * screenInfo.numScreens;
-
++
for (scrI = 0; scrI < screenInfo.numScreens; scrI++) {
if (screenInfo.screens[scrI]->numVisuals > max_visuals)
max_visuals = screenInfo.screens[scrI]->numVisuals;
diff --cc Xext/shm.c
index 1ee3bd1,a7a1ecf..3e40713
--- a/Xext/shm.c
+++ b/Xext/shm.c
@@@ -1083,9 -1100,11 +1100,11 @@@ ProcShmCreatePixmap(client
PixmapPtr pMap;
DrawablePtr pDraw;
DepthPtr pDepth;
- register int i, rc;
+ int i, rc;
ShmDescPtr shmdesc;
REQUEST(xShmCreatePixmapReq);
+ unsigned int width, height, depth;
+ unsigned long size;
REQUEST_SIZE_MATCH(xShmCreatePixmapReq);
client->errorValue = stuff->pid;
commit e915a2639752bc0ea9e6e192e020cc2031c08063
Author: Eamon Walsh <ewalsh at tycho.nsa.gov>
Date: Fri Jan 25 19:22:19 2008 -0500
xselinux: Move the extension to extmod instead of being built-in.
diff --git a/Xext/Makefile.am b/Xext/Makefile.am
index f57e599..648736d 100644
--- a/Xext/Makefile.am
+++ b/Xext/Makefile.am
@@ -76,7 +76,7 @@ endif
# requires X-ACE extension
XSELINUX_SRCS = xselinux.c xselinux.h
if XSELINUX
-BUILTIN_SRCS += $(XSELINUX_SRCS)
+MODULE_SRCS += $(XSELINUX_SRCS)
endif
# Security extension: multi-level security to protect clients from each other
diff --git a/hw/xfree86/dixmods/extmod/modinit.c b/hw/xfree86/dixmods/extmod/modinit.c
index acd7006..d0d892a 100644
--- a/hw/xfree86/dixmods/extmod/modinit.c
+++ b/hw/xfree86/dixmods/extmod/modinit.c
@@ -38,6 +38,15 @@ static MODULESETUPPROTO(extmodSetup);
* Array describing extensions to be initialized
*/
static ExtensionModule extensionModules[] = {
+#ifdef XSELINUX
+ {
+ SELinuxExtensionInit,
+ SELINUX_EXTENSION_NAME,
+ NULL,
+ NULL,
+ NULL
+ },
+#endif
#ifdef SHAPE
{
ShapeExtensionInit,
diff --git a/hw/xfree86/dixmods/extmod/modinit.h b/hw/xfree86/dixmods/extmod/modinit.h
index 116cb2e..3c2e202 100644
--- a/hw/xfree86/dixmods/extmod/modinit.h
+++ b/hw/xfree86/dixmods/extmod/modinit.h
@@ -127,6 +127,7 @@ extern void ShmRegisterFuncs(
#ifdef XSELINUX
extern void SELinuxExtensionInit(INITARGS);
+#include "xselinux.h"
#endif
#if 1
diff --git a/mi/miinitext.c b/mi/miinitext.c
index 30cbc7a..261fac9 100644
--- a/mi/miinitext.c
+++ b/mi/miinitext.c
@@ -690,9 +690,6 @@ static ExtensionModule staticExtensions[] = {
#ifdef XCSECURITY
{ SecurityExtensionInit, SECURITY_EXTENSION_NAME, &noSecurityExtension, NULL, NULL },
#endif
-#ifdef XSELINUX
- { SELinuxExtensionInit, SELINUX_EXTENSION_NAME, NULL, NULL, NULL },
-#endif
#ifdef XPRINT
{ XpExtensionInit, XP_PRINTNAME, NULL, NULL, NULL },
#endif
commit f6a78ee143e3a3ad69538adf2b9675d724468ffa
Author: Eamon Walsh <ewalsh at tycho.nsa.gov>
Date: Fri Jan 25 18:04:10 2008 -0500
XACE: Remove the extension code entirely, XACE is completely static now.
diff --git a/Xext/xace.c b/Xext/xace.c
index 0b3baf6..0470e44 100644
--- a/Xext/xace.c
+++ b/Xext/xace.c
@@ -24,7 +24,6 @@ CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE SOFTWARE.
#include <stdarg.h>
#include "scrnintstr.h"
#include "xacestr.h"
-#include "modinit.h"
CallbackListPtr XaceHooks[XACE_NUM_HOOKS] = {0};
@@ -222,14 +221,6 @@ int XaceHook(int hook, ...)
return prv ? *prv : Success;
}
-/* XaceExtensionInit
- *
- * Initialize the XACE Extension
- */
-void XaceExtensionInit(INITARGS)
-{
-}
-
/* XaceCensorImage
*
* Called after pScreen->GetImage to prevent pieces or trusted windows from
diff --git a/Xext/xace.h b/Xext/xace.h
index a8fac98..4100ba1 100644
--- a/Xext/xace.h
+++ b/Xext/xace.h
@@ -22,7 +22,6 @@ CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE SOFTWARE.
#ifdef XACE
-#define XACE_EXTENSION_NAME "XAccessControlExtension"
#define XACE_MAJOR_VERSION 2
#define XACE_MINOR_VERSION 0
diff --git a/hw/xfree86/dixmods/extmod/modinit.h b/hw/xfree86/dixmods/extmod/modinit.h
index 99d714c..116cb2e 100644
--- a/hw/xfree86/dixmods/extmod/modinit.h
+++ b/hw/xfree86/dixmods/extmod/modinit.h
@@ -125,10 +125,6 @@ extern void ShmRegisterFuncs(
ShmFuncsPtr funcs);
#endif
-#ifdef XACE
-extern void XaceExtensionInit(INITARGS);
-#endif
-
#ifdef XSELINUX
extern void SELinuxExtensionInit(INITARGS);
#endif
diff --git a/mi/miinitext.c b/mi/miinitext.c
index b146907..30cbc7a 100644
--- a/mi/miinitext.c
+++ b/mi/miinitext.c
@@ -244,9 +244,6 @@ typedef void (*InitExtension)(INITARGS);
#define _XAG_SERVER_
#include <X11/extensions/Xagstr.h>
#endif
-#ifdef XACE
-#include "xace.h"
-#endif
#ifdef XCSECURITY
#include "securitysrv.h"
#include <X11/extensions/securstr.h>
@@ -323,9 +320,6 @@ extern void DbeExtensionInit(INITARGS);
#ifdef XAPPGROUP
extern void XagExtensionInit(INITARGS);
#endif
-#ifdef XACE
-extern void XaceExtensionInit(INITARGS);
-#endif
#ifdef XCSECURITY
extern void SecurityExtensionInit(INITARGS);
#endif
@@ -599,9 +593,6 @@ InitExtensions(argc, argv)
#ifdef XAPPGROUP
if (!noXagExtension) XagExtensionInit();
#endif
-#ifdef XACE
- XaceExtensionInit();
-#endif
#ifdef XCSECURITY
if (!noSecurityExtension) SecurityExtensionInit();
#endif
@@ -696,9 +687,6 @@ static ExtensionModule staticExtensions[] = {
#ifdef XAPPGROUP
{ XagExtensionInit, XAGNAME, &noXagExtension, NULL, NULL },
#endif
-#ifdef XACE
- { XaceExtensionInit, XACE_EXTENSION_NAME, NULL, NULL, NULL },
-#endif
#ifdef XCSECURITY
{ SecurityExtensionInit, SECURITY_EXTENSION_NAME, &noSecurityExtension, NULL, NULL },
#endif
commit 7724c30a751c653ca3e2e8a6752af27bc37de3f0
Author: Eamon Walsh <ewalsh at tycho.nsa.gov>
Date: Fri Jan 25 17:28:17 2008 -0500
XACE: Stop using fake requestVectors in favor of a simple hook call.
diff --git a/Xext/xace.c b/Xext/xace.c
index 6326735..0b3baf6 100644
--- a/Xext/xace.c
+++ b/Xext/xace.c
@@ -28,27 +28,28 @@ CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE SOFTWARE.
CallbackListPtr XaceHooks[XACE_NUM_HOOKS] = {0};
-/* Proc vectors for untrusted clients, swapped and unswapped versions.
- * These are the same as the normal proc vectors except that extensions
- * that haven't declared themselves secure will have ProcBadRequest plugged
- * in for their major opcode dispatcher. This prevents untrusted clients
- * from guessing extension major opcodes and using the extension even though
- * the extension can't be listed or queried.
- */
-static int (*UntrustedProcVector[256])(
- ClientPtr /*client*/
-);
-static int (*SwappedUntrustedProcVector[256])(
- ClientPtr /*client*/
-);
-
/* Special-cased hook functions. Called by Xserver.
*/
-void XaceHookAuditBegin(ClientPtr ptr)
+int XaceHookDispatch(ClientPtr client, int major)
{
- XaceAuditRec rec = { ptr, 0 };
- /* call callbacks, there is no return value. */
+ /* Call the audit begin callback, there is no return value. */
+ XaceAuditRec rec = { client, 0 };
CallCallbacks(&XaceHooks[XACE_AUDIT_BEGIN], &rec);
+
+ if (major < 128) {
+ /* Call the core dispatch hook */
+ XaceCoreDispatchRec rec = { client, Success /* default allow */ };
+ CallCallbacks(&XaceHooks[XACE_CORE_DISPATCH], &rec);
+ return rec.status;
+ } else {
+ /* Call the extension dispatch hook */
+ ExtensionEntry *ext = GetExtensionEntry(major);
+ XaceExtAccessRec rec = { client, ext, DixUseAccess, Success };
+ if (ext)
+ CallCallbacks(&XaceHooks[XACE_EXT_DISPATCH], &rec);
+ /* On error, pretend extension doesn't exist */
+ return (rec.status == Success) ? Success : BadRequest;
+ }
}
void XaceHookAuditEnd(ClientPtr ptr, int result)
@@ -221,116 +222,12 @@ int XaceHook(int hook, ...)
return prv ? *prv : Success;
}
-static int
-XaceCatchDispatchProc(ClientPtr client)
-{
- REQUEST(xReq);
- int major = stuff->reqType;
- XaceCoreDispatchRec rec = { client, Success /* default allow */ };
-
- if (!ProcVector[major])
- return BadRequest;
-
- /* call callbacks and return result, if any. */
- CallCallbacks(&XaceHooks[XACE_CORE_DISPATCH], &rec);
-
- if (rec.status != Success)
- return rec.status;
-
- return client->swapped ?
- (* SwappedProcVector[major])(client) :
- (* ProcVector[major])(client);
-}
-
-static int
-XaceCatchExtProc(ClientPtr client)
-{
- REQUEST(xReq);
- int major = stuff->reqType;
- ExtensionEntry *ext = GetExtensionEntry(major);
- XaceExtAccessRec rec = { client, ext, DixUseAccess, Success };
-
- if (!ext || !ProcVector[major])
- return BadRequest;
-
- /* call callbacks and return result, if any. */
- CallCallbacks(&XaceHooks[XACE_EXT_DISPATCH], &rec);
-
- if (rec.status != Success)
- return BadRequest; /* pretend extension doesn't exist */
-
- return client->swapped ?
- (* SwappedProcVector[major])(client) :
- (* ProcVector[major])(client);
-}
-
-
-/* SecurityClientStateCallback
- *
- * Arguments:
- * pcbl is &ClientStateCallback.
- * nullata is NULL.
- * calldata is a pointer to a NewClientInfoRec (include/dixstruct.h)
- * which contains information about client state changes.
- *
- * Returns: nothing.
- *
- * Side Effects:
- *
- * If a new client is connecting, its authorization ID is copied to
- * client->authID. If this is a generated authorization, its reference
- * count is bumped, its timer is cancelled if it was running, and its
- * trustlevel is copied to TRUSTLEVEL(client).
- *
- * If a client is disconnecting and the client was using a generated
- * authorization, the authorization's reference count is decremented, and
- * if it is now zero, the timer for this authorization is started.
- */
-
-static void
-XaceClientStateCallback(
- CallbackListPtr *pcbl,
- pointer nulldata,
- pointer calldata)
-{
- NewClientInfoRec *pci = (NewClientInfoRec *)calldata;
- ClientPtr client = pci->client;
-
- switch (client->clientState)
- {
- case ClientStateRunning:
- {
- client->requestVector = client->swapped ?
- SwappedUntrustedProcVector : UntrustedProcVector;
- break;
- }
- default: break;
- }
-} /* XaceClientStateCallback */
-
/* XaceExtensionInit
*
* Initialize the XACE Extension
*/
void XaceExtensionInit(INITARGS)
{
- ExtensionEntry *extEntry;
- int i;
-
- if (!AddCallback(&ClientStateCallback, XaceClientStateCallback, NULL))
- return;
-
- /* initialize dispatching intercept functions */
- for (i = 0; i < 128; i++)
- {
- UntrustedProcVector[i] = XaceCatchDispatchProc;
- SwappedUntrustedProcVector[i] = XaceCatchDispatchProc;
- }
- for (i = 128; i < 256; i++)
- {
- UntrustedProcVector[i] = XaceCatchExtProc;
- SwappedUntrustedProcVector[i] = XaceCatchExtProc;
- }
}
/* XaceCensorImage
diff --git a/Xext/xace.h b/Xext/xace.h
index fdf91d1..a8fac98 100644
--- a/Xext/xace.h
+++ b/Xext/xace.h
@@ -65,8 +65,8 @@ extern int XaceHook(
/* Special-cased hook functions
*/
+extern int XaceHookDispatch(ClientPtr ptr, int major);
extern void XaceHookAuditEnd(ClientPtr ptr, int result);
-extern void XaceHookAuditBegin(ClientPtr ptr);
/* Register a callback for a given hook.
*/
@@ -101,13 +101,13 @@ extern void XaceCensorImage(
#ifdef __GNUC__
#define XaceHook(args...) Success
+#define XaceHookDispatch(args...) Success
#define XaceHookAuditEnd(args...) { ; }
-#define XaceHookAuditBegin(args...) { ; }
#define XaceCensorImage(args...) { ; }
#else
#define XaceHook(...) Success
+#define XaceHookDispatch(...) Success
#define XaceHookAuditEnd(...) { ; }
-#define XaceHookAuditBegin(...) { ; }
#define XaceCensorImage(...) { ; }
#endif
diff --git a/dix/dispatch.c b/dix/dispatch.c
index 004509c..663bf7d 100644
--- a/dix/dispatch.c
+++ b/dix/dispatch.c
@@ -463,8 +463,9 @@ Dispatch(void)
if (result > (maxBigRequestSize << 2))
result = BadLength;
else {
- XaceHookAuditBegin(client);
- result = (* client->requestVector[MAJOROP])(client);
+ result = XaceHookDispatch(client, MAJOROP);
+ if (result == Success)
+ result = (* client->requestVector[MAJOROP])(client);
XaceHookAuditEnd(client, result);
}
#ifdef XSERVER_DTRACE
commit f82329b0811469ddae5c44dcfffa38185c11a67c
Author: Eamon Walsh <ewalsh at tycho.nsa.gov>
Date: Fri Jan 25 16:20:46 2008 -0500
XACE: Don't need to actually register a protocol extension.
diff --git a/Xext/xace.c b/Xext/xace.c
index e85a517..6326735 100644
--- a/Xext/xace.c
+++ b/Xext/xace.c
@@ -222,51 +222,6 @@ int XaceHook(int hook, ...)
}
static int
-ProcXaceDispatch(ClientPtr client)
-{
- REQUEST(xReq);
-
- switch (stuff->data)
- {
- default:
- return BadRequest;
- }
-} /* ProcXaceDispatch */
-
-static int
-SProcXaceDispatch(ClientPtr client)
-{
- REQUEST(xReq);
-
- switch (stuff->data)
- {
- default:
- return BadRequest;
- }
-} /* SProcXaceDispatch */
-
-
-/* XaceResetProc
- *
- * Arguments:
- * extEntry is the extension information for the XACE extension.
- *
- * Returns: nothing.
- *
- * Side Effects:
- * Performs any cleanup needed by XACE at server shutdown time.
- */
-static void
-XaceResetProc(ExtensionEntry *extEntry)
-{
- int i;
-
- for (i=0; i<XACE_NUM_HOOKS; i++)
- DeleteCallbackList(&XaceHooks[i]);
-} /* XaceResetProc */
-
-
-static int
XaceCatchDispatchProc(ClientPtr client)
{
REQUEST(xReq);
@@ -365,11 +320,6 @@ void XaceExtensionInit(INITARGS)
if (!AddCallback(&ClientStateCallback, XaceClientStateCallback, NULL))
return;
- extEntry = AddExtension(XACE_EXTENSION_NAME,
- XaceNumberEvents, XaceNumberErrors,
- ProcXaceDispatch, SProcXaceDispatch,
- XaceResetProc, StandardMinorOpcode);
-
/* initialize dispatching intercept functions */
for (i = 0; i < 128; i++)
{
diff --git a/Xext/xace.h b/Xext/xace.h
index 6f92290..fdf91d1 100644
--- a/Xext/xace.h
+++ b/Xext/xace.h
@@ -29,9 +29,6 @@ CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE SOFTWARE.
#include "pixmap.h" /* for DrawablePtr */
#include "regionstr.h" /* for RegionPtr */
-#define XaceNumberEvents 0
-#define XaceNumberErrors 0
-
/* Default window background */
#define XaceBackgroundNoneState None
commit 46794d0c9665f07913980830d038c88d00407612
Author: Eamon Walsh <ewalsh at tycho.nsa.gov>
Date: Thu Jan 24 19:49:13 2008 -0500
xselinux: Rename SelectionManager to more generic SecurityManager.
diff --git a/Xext/xselinux.c b/Xext/xselinux.c
index 53ea6c1..a6e27e6 100644
--- a/Xext/xselinux.c
+++ b/Xext/xselinux.c
@@ -72,8 +72,8 @@ typedef struct {
security_id_t sid;
} SELinuxSelectionRec;
-static ClientPtr selectionManager;
-static Window selectionWindow;
+static ClientPtr securityManager;
+static Window securityWindow;
/* audit file descriptor */
static int audit_fd;
@@ -849,9 +849,9 @@ SELinuxClientState(CallbackListPtr *pcbl, pointer unused, pointer calldata)
case ClientStateRetained:
case ClientStateGone:
- if (pci->client == selectionManager) {
- selectionManager = NULL;
- selectionWindow = 0;
+ if (pci->client == securityManager) {
+ securityManager = NULL;
+ securityWindow = 0;
}
break;
@@ -935,9 +935,9 @@ SELinuxSelectionState(CallbackListPtr *pcbl, pointer unused, pointer calldata)
case SelectionConvertSelection:
/* redirect the convert request if necessary */
- if (selectionManager && selectionManager != rec->client) {
- rec->selection->client = selectionManager;
- rec->selection->window = selectionWindow;
+ if (securityManager && securityManager != rec->client) {
+ rec->selection->client = securityManager;
+ rec->selection->window = securityWindow;
} else {
rec->selection->client = rec->selection->alt_client;
rec->selection->window = rec->selection->alt_window;
@@ -1004,39 +1004,39 @@ ProcSELinuxQueryVersion(ClientPtr client)
}
static int
-ProcSELinuxSetSelectionManager(ClientPtr client)
+ProcSELinuxSetSecurityManager(ClientPtr client)
{
WindowPtr pWin;
int rc;
- REQUEST(SELinuxSetSelectionManagerReq);
- REQUEST_SIZE_MATCH(SELinuxSetSelectionManagerReq);
+ REQUEST(SELinuxSetSecurityManagerReq);
+ REQUEST_SIZE_MATCH(SELinuxSetSecurityManagerReq);
if (stuff->window == None) {
- selectionManager = NULL;
- selectionWindow = None;
+ securityManager = NULL;
+ securityWindow = None;
} else {
rc = dixLookupResource((pointer *)&pWin, stuff->window, RT_WINDOW,
client, DixGetAttrAccess);
if (rc != Success)
return rc;
- selectionManager = client;
- selectionWindow = stuff->window;
+ securityManager = client;
+ securityWindow = stuff->window;
}
return Success;
}
static int
-ProcSELinuxGetSelectionManager(ClientPtr client)
+ProcSELinuxGetSecurityManager(ClientPtr client)
{
- SELinuxGetSelectionManagerReply rep;
+ SELinuxGetSecurityManagerReply rep;
rep.type = X_Reply;
rep.length = 0;
rep.sequenceNumber = client->sequence;
- rep.window = selectionWindow;
+ rep.window = securityWindow;
if (client->swapped) {
int n;
swaps(&rep.sequenceNumber, n);
@@ -1251,10 +1251,10 @@ ProcSELinuxDispatch(ClientPtr client)
switch (stuff->data) {
case X_SELinuxQueryVersion:
return ProcSELinuxQueryVersion(client);
- case X_SELinuxSetSelectionManager:
- return ProcSELinuxSetSelectionManager(client);
- case X_SELinuxGetSelectionManager:
- return ProcSELinuxGetSelectionManager(client);
+ case X_SELinuxSetSecurityManager:
+ return ProcSELinuxSetSecurityManager(client);
+ case X_SELinuxGetSecurityManager:
+ return ProcSELinuxGetSecurityManager(client);
case X_SELinuxSetDeviceCreateContext:
return ProcSELinuxSetDeviceCreateContext(client);
case X_SELinuxGetDeviceCreateContext:
@@ -1293,14 +1293,14 @@ SProcSELinuxQueryVersion(ClientPtr client)
}
static int
-SProcSELinuxSetSelectionManager(ClientPtr client)
+SProcSELinuxSetSecurityManager(ClientPtr client)
{
- REQUEST(SELinuxSetSelectionManagerReq);
+ REQUEST(SELinuxSetSecurityManagerReq);
int n;
- REQUEST_SIZE_MATCH(SELinuxSetSelectionManagerReq);
+ REQUEST_SIZE_MATCH(SELinuxSetSecurityManagerReq);
swapl(&stuff->window, n);
- return ProcSELinuxSetSelectionManager(client);
+ return ProcSELinuxSetSecurityManager(client);
}
static int
@@ -1393,10 +1393,10 @@ SProcSELinuxDispatch(ClientPtr client)
switch (stuff->data) {
case X_SELinuxQueryVersion:
return SProcSELinuxQueryVersion(client);
- case X_SELinuxSetSelectionManager:
- return SProcSELinuxSetSelectionManager(client);
- case X_SELinuxGetSelectionManager:
- return ProcSELinuxGetSelectionManager(client);
+ case X_SELinuxSetSecurityManager:
+ return SProcSELinuxSetSecurityManager(client);
+ case X_SELinuxGetSecurityManager:
+ return ProcSELinuxGetSecurityManager(client);
case X_SELinuxSetDeviceCreateContext:
return SProcSELinuxSetDeviceCreateContext(client);
case X_SELinuxGetDeviceCreateContext:
diff --git a/Xext/xselinux.h b/Xext/xselinux.h
index ba1380b..7eeea50 100644
--- a/Xext/xselinux.h
+++ b/Xext/xselinux.h
@@ -31,8 +31,8 @@ CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE SOFTWARE.
/* Extension protocol */
#define X_SELinuxQueryVersion 0
-#define X_SELinuxSetSelectionManager 1
-#define X_SELinuxGetSelectionManager 2
+#define X_SELinuxSetSecurityManager 1
+#define X_SELinuxGetSecurityManager 2
#define X_SELinuxSetDeviceCreateContext 3
#define X_SELinuxGetDeviceCreateContext 4
#define X_SELinuxSetDeviceContext 5
@@ -72,13 +72,13 @@ typedef struct {
CARD8 SELinuxReqType;
CARD16 length;
CARD32 window;
-} SELinuxSetSelectionManagerReq;
+} SELinuxSetSecurityManagerReq;
typedef struct {
CARD8 reqType;
CARD8 SELinuxReqType;
CARD16 length;
-} SELinuxGetSelectionManagerReq;
+} SELinuxGetSecurityManagerReq;
typedef struct {
CARD8 type;
@@ -91,7 +91,7 @@ typedef struct {
CARD32 pad4;
CARD32 pad5;
CARD32 pad6;
-} SELinuxGetSelectionManagerReply;
+} SELinuxGetSecurityManagerReply;
typedef struct {
CARD8 reqType;
commit 6ffeecabb7f3f3173864e0f0af21a99bdc5b5044
Author: Eamon Walsh <ewalsh at tycho.nsa.gov>
Date: Thu Jan 24 18:11:49 2008 -0500
xselinux: Use a privileged bit in the state instead of passing an index
to the permission checking function.
diff --git a/Xext/xselinux.c b/Xext/xselinux.c
index 1432916..53ea6c1 100644
--- a/Xext/xselinux.c
+++ b/Xext/xselinux.c
@@ -63,6 +63,7 @@ typedef struct {
security_id_t sid;
struct avc_entry_ref aeref;
char *command;
+ int privileged;
} SELinuxStateRec;
/* selection manager */
@@ -287,11 +288,11 @@ SELinuxTypeToClass(RESTYPE type)
* Performs an SELinux permission check.
*/
static int
-SELinuxDoCheck(int clientIndex, SELinuxStateRec *subj, SELinuxStateRec *obj,
+SELinuxDoCheck(SELinuxStateRec *subj, SELinuxStateRec *obj,
security_class_t class, Mask mode, SELinuxAuditRec *auditdata)
{
/* serverClient requests OK */
- if (clientIndex == 0)
+ if (subj->privileged)
return Success;
auditdata->command = subj->command;
@@ -383,6 +384,7 @@ SELinuxLabelInitial(void)
/* Do the serverClient */
state = dixLookupPrivate(&serverClient->devPrivates, stateKey);
+ state->privileged = 1;
sidput(state->sid);
/* Use the context of the X server process for the serverClient */
@@ -496,8 +498,8 @@ SELinuxDevice(CallbackListPtr *pcbl, pointer unused, pointer calldata)
obj->sid = subj->sid;
}
- rc = SELinuxDoCheck(rec->client->index, subj, obj, SECCLASS_X_DEVICE,
- rec->access_mode, &auditdata);
+ rc = SELinuxDoCheck(subj, obj, SECCLASS_X_DEVICE, rec->access_mode,
+ &auditdata);
if (rc != Success)
rec->status = rc;
}
@@ -509,21 +511,18 @@ SELinuxSend(CallbackListPtr *pcbl, pointer unused, pointer calldata)
SELinuxStateRec *subj, *obj, ev_sid;
SELinuxAuditRec auditdata = { .client = rec->client };
security_class_t class;
- int rc, i, type, clientIndex;
+ int rc, i, type;
- if (rec->dev) {
+ if (rec->dev)
subj = dixLookupPrivate(&rec->dev->devPrivates, stateKey);
- clientIndex = -1; /* some nonzero value */
- } else {
+ else
subj = dixLookupPrivate(&rec->client->devPrivates, stateKey);
- clientIndex = rec->client->index;
- }
obj = dixLookupPrivate(&rec->pWin->devPrivates, stateKey);
/* Check send permission on window */
- rc = SELinuxDoCheck(clientIndex, subj, obj, SECCLASS_X_DRAWABLE,
- DixSendAccess, &auditdata);
+ rc = SELinuxDoCheck(subj, obj, SECCLASS_X_DRAWABLE, DixSendAccess,
+ &auditdata);
if (rc != Success)
goto err;
@@ -537,8 +536,7 @@ SELinuxSend(CallbackListPtr *pcbl, pointer unused, pointer calldata)
goto err;
auditdata.event = type;
- rc = SELinuxDoCheck(clientIndex, subj, &ev_sid, class,
- DixSendAccess, &auditdata);
+ rc = SELinuxDoCheck(subj, &ev_sid, class, DixSendAccess, &auditdata);
if (rc != Success)
goto err;
}
@@ -560,8 +558,8 @@ SELinuxReceive(CallbackListPtr *pcbl, pointer unused, pointer calldata)
obj = dixLookupPrivate(&rec->pWin->devPrivates, stateKey);
/* Check receive permission on window */
- rc = SELinuxDoCheck(rec->client->index, subj, obj, SECCLASS_X_DRAWABLE,
- DixReceiveAccess, &auditdata);
+ rc = SELinuxDoCheck(subj, obj, SECCLASS_X_DRAWABLE, DixReceiveAccess,
+ &auditdata);
if (rc != Success)
goto err;
@@ -575,8 +573,7 @@ SELinuxReceive(CallbackListPtr *pcbl, pointer unused, pointer calldata)
goto err;
auditdata.event = type;
- rc = SELinuxDoCheck(rec->client->index, subj, &ev_sid, class,
- DixReceiveAccess, &auditdata);
+ rc = SELinuxDoCheck(subj, &ev_sid, class, DixReceiveAccess, &auditdata);
if (rc != Success)
goto err;
}
@@ -633,8 +630,8 @@ SELinuxExtension(CallbackListPtr *pcbl, pointer unused, pointer calldata)
/* Perform the security check */
auditdata.extension = rec->ext->name;
- rc = SELinuxDoCheck(rec->client->index, subj, obj, SECCLASS_X_EXTENSION,
- rec->access_mode, &auditdata);
+ rc = SELinuxDoCheck(subj, obj, SECCLASS_X_EXTENSION, rec->access_mode,
+ &auditdata);
if (rc != Success)
rec->status = rc;
}
@@ -680,13 +677,12 @@ SELinuxProperty(CallbackListPtr *pcbl, pointer unused, pointer calldata)
return;
}
freecon(con);
- avc_entry_ref_init(&obj->aeref);
}
/* Perform the security check */
auditdata.property = rec->pProp->propertyName;
- rc = SELinuxDoCheck(rec->client->index, subj, obj, SECCLASS_X_PROPERTY,
- rec->access_mode, &auditdata);
+ rc = SELinuxDoCheck(subj, obj, SECCLASS_X_PROPERTY, rec->access_mode,
+ &auditdata);
if (rc != Success)
rec->status = rc;
}
@@ -741,8 +737,7 @@ SELinuxResource(CallbackListPtr *pcbl, pointer unused, pointer calldata)
/* Perform the security check */
auditdata.restype = rec->rtype;
auditdata.id = rec->id;
- rc = SELinuxDoCheck(rec->client->index, subj, obj, class,
- rec->access_mode, &auditdata);
+ rc = SELinuxDoCheck(subj, obj, class, rec->access_mode, &auditdata);
if (rc != Success)
rec->status = rc;
}
@@ -775,8 +770,7 @@ SELinuxScreen(CallbackListPtr *pcbl, pointer is_saver, pointer calldata)
if (is_saver)
access_mode <<= 2;
- rc = SELinuxDoCheck(rec->client->index, subj, obj, SECCLASS_X_SCREEN,
- access_mode, &auditdata);
+ rc = SELinuxDoCheck(subj, obj, SECCLASS_X_SCREEN, access_mode, &auditdata);
if (rc != Success)
rec->status = rc;
}
@@ -792,8 +786,8 @@ SELinuxClient(CallbackListPtr *pcbl, pointer unused, pointer calldata)
subj = dixLookupPrivate(&rec->client->devPrivates, stateKey);
obj = dixLookupPrivate(&rec->target->devPrivates, stateKey);
- rc = SELinuxDoCheck(rec->client->index, subj, obj, SECCLASS_X_CLIENT,
- rec->access_mode, &auditdata);
+ rc = SELinuxDoCheck(subj, obj, SECCLASS_X_CLIENT, rec->access_mode,
+ &auditdata);
if (rc != Success)
rec->status = rc;
}
@@ -809,8 +803,8 @@ SELinuxServer(CallbackListPtr *pcbl, pointer unused, pointer calldata)
subj = dixLookupPrivate(&rec->client->devPrivates, stateKey);
obj = dixLookupPrivate(&serverClient->devPrivates, stateKey);
- rc = SELinuxDoCheck(rec->client->index, subj, obj, SECCLASS_X_SERVER,
- rec->access_mode, &auditdata);
+ rc = SELinuxDoCheck(subj, obj, SECCLASS_X_SERVER, rec->access_mode,
+ &auditdata);
if (rc != Success)
rec->status = rc;
}
@@ -832,8 +826,8 @@ SELinuxSelection(CallbackListPtr *pcbl, pointer unused, pointer calldata)
}
auditdata.selection = rec->name;
- rc = SELinuxDoCheck(rec->client->index, subj, &sel_sid,
- SECCLASS_X_SELECTION, rec->access_mode, &auditdata);
+ rc = SELinuxDoCheck(subj, &sel_sid, SECCLASS_X_SELECTION, rec->access_mode,
+ &auditdata);
if (rc != Success)
rec->status = rc;
}
commit 7ba8e97cbabfef4d614a6a38314830ec0f925471
Author: Eamon Walsh <ewalsh at tycho.nsa.gov>
Date: Thu Jan 24 19:09:58 2008 -0500
xselinux: Implement "get context" protocol requests.
diff --git a/Xext/xselinux.c b/Xext/xselinux.c
index ede0350..1432916 100644
--- a/Xext/xselinux.c
+++ b/Xext/xselinux.c
@@ -1098,7 +1098,40 @@ ProcSELinuxSetDeviceContext(ClientPtr client)
static int
ProcSELinuxGetDeviceContext(ClientPtr client)
{
- return Success;
+ char *ctx;
+ DeviceIntPtr dev;
+ SELinuxStateRec *state;
+ SELinuxGetContextReply rep;
+ int rc;
+
+ REQUEST(SELinuxGetContextReq);
+ REQUEST_SIZE_MATCH(SELinuxGetContextReq);
+
+ rc = dixLookupDevice(&dev, stuff->id, client, DixGetAttrAccess);
+ if (rc != Success)
+ return rc;
+
+ state = dixLookupPrivate(&dev->devPrivates, stateKey);
+ rc = avc_sid_to_context(state->sid, &ctx);
+ if (rc != Success)
+ return BadValue;
+
+ rep.type = X_Reply;
+ rep.length = (strlen(ctx) + 4) >> 2;
+ rep.sequenceNumber = client->sequence;
+ rep.context_len = strlen(ctx) + 1;
+
+ if (client->swapped) {
+ int n;
+ swapl(&rep.length, n);
+ swaps(&rep.sequenceNumber, n);
+ swaps(&rep.context_len, n);
+ }
+
+ WriteToClient(client, sizeof(SELinuxGetContextReply), (char *)&rep);
+ WriteToClient(client, rep.context_len, ctx);
+ free(ctx);
+ return client->noClientException;
}
static int
@@ -1116,7 +1149,54 @@ ProcSELinuxGetPropertyCreateContext(ClientPtr client)
static int
ProcSELinuxGetPropertyContext(ClientPtr client)
{
- return Success;
+ char *ctx;
+ WindowPtr pWin;
+ PropertyPtr pProp;
+ SELinuxStateRec *state;
+ SELinuxGetContextReply rep;
+ int rc;
+
+ REQUEST(SELinuxGetPropertyContextReq);
+ REQUEST_SIZE_MATCH(SELinuxGetPropertyContextReq);
+
+ rc = dixLookupWindow(&pWin, stuff->window, client, DixGetPropAccess);
+ if (rc != Success)
+ return rc;
+
+ pProp = wUserProps(pWin);
+ while (pProp) {
+ if (pProp->propertyName == stuff->property)
+ break;
+ pProp = pProp->next;
+ }
+ if (!pProp)
+ return BadValue;
+
+ rc = XaceHook(XACE_PROPERTY_ACCESS, client, pWin, pProp, DixGetAttrAccess);
+ if (rc != Success)
+ return rc;
+
+ state = dixLookupPrivate(&pProp->devPrivates, stateKey);
+ rc = avc_sid_to_context(state->sid, &ctx);
+ if (rc != Success)
+ return BadValue;
+
+ rep.type = X_Reply;
+ rep.length = (strlen(ctx) + 4) >> 2;
+ rep.sequenceNumber = client->sequence;
+ rep.context_len = strlen(ctx) + 1;
+
+ if (client->swapped) {
+ int n;
+ swapl(&rep.length, n);
+ swaps(&rep.sequenceNumber, n);
+ swaps(&rep.context_len, n);
+ }
+
+ WriteToClient(client, sizeof(SELinuxGetContextReply), (char *)&rep);
+ WriteToClient(client, rep.context_len, ctx);
+ free(ctx);
+ return client->noClientException;
}
static int
@@ -1134,7 +1214,40 @@ ProcSELinuxGetWindowCreateContext(ClientPtr client)
static int
ProcSELinuxGetWindowContext(ClientPtr client)
{
- return Success;
+ char *ctx;
+ WindowPtr pWin;
+ SELinuxStateRec *state;
+ SELinuxGetContextReply rep;
+ int rc;
+
+ REQUEST(SELinuxGetContextReq);
+ REQUEST_SIZE_MATCH(SELinuxGetContextReq);
+
+ rc = dixLookupWindow(&pWin, stuff->id, client, DixGetAttrAccess);
+ if (rc != Success)
+ return rc;
+
+ state = dixLookupPrivate(&pWin->devPrivates, stateKey);
+ rc = avc_sid_to_context(state->sid, &ctx);
+ if (rc != Success)
+ return BadValue;
+
+ rep.type = X_Reply;
+ rep.length = (strlen(ctx) + 4) >> 2;
+ rep.sequenceNumber = client->sequence;
+ rep.context_len = strlen(ctx) + 1;
+
+ if (client->swapped) {
+ int n;
+ swapl(&rep.length, n);
+ swaps(&rep.sequenceNumber, n);
+ swaps(&rep.context_len, n);
+ }
+
+ WriteToClient(client, sizeof(SELinuxGetContextReply), (char *)&rep);
+ WriteToClient(client, rep.context_len, ctx);
+ free(ctx);
+ return client->noClientException;
}
static int
commit f0bf9a5231d4f612ac916355118484d055715f32
Author: Eamon Walsh <ewalsh at tycho.nsa.gov>
Date: Thu Jan 24 19:02:35 2008 -0500
xselinux: Whitespace fixups.
diff --git a/Xext/xselinux.c b/Xext/xselinux.c
index 4629e90..ede0350 100644
--- a/Xext/xselinux.c
+++ b/Xext/xselinux.c
@@ -271,7 +271,7 @@ SELinuxTypeToClass(RESTYPE type)
knownTypes[type] = SECCLASS_X_CURSOR;
if (fulltype == RT_COLORMAP)
knownTypes[type] = SECCLASS_X_COLORMAP;
-
+
/* Need to do a string lookup */
str = LookupResourceName(fulltype);
if (!strcmp(str, "PICTURE"))
@@ -890,8 +890,7 @@ SELinuxResourceState(CallbackListPtr *pcbl, pointer unused, pointer calldata)
if (rc != Success)
FatalError("SELinux: Failed to set label property on window!\n");
freecon(ctx);
- }
- else
+ } else
FatalError("SELinux: Unexpected unlabeled client found\n");
state = dixLookupPrivate(&pWin->devPrivates, stateKey);
@@ -907,8 +906,7 @@ SELinuxResourceState(CallbackListPtr *pcbl, pointer unused, pointer calldata)
if (rc != Success)
FatalError("SELinux: Failed to set label property on window!\n");
freecon(ctx);
- }
- else
+ } else
FatalError("SELinux: Unexpected unlabeled window found\n");
}
@@ -1181,9 +1179,9 @@ SProcSELinuxQueryVersion(ClientPtr client)
REQUEST(SELinuxQueryVersionReq);
int n;
- REQUEST_SIZE_MATCH (SELinuxQueryVersionReq);
- swaps(&stuff->client_major,n);
- swaps(&stuff->client_minor,n);
+ REQUEST_SIZE_MATCH(SELinuxQueryVersionReq);
+ swaps(&stuff->client_major, n);
+ swaps(&stuff->client_minor, n);
return ProcSELinuxQueryVersion(client);
}
@@ -1193,8 +1191,8 @@ SProcSELinuxSetSelectionManager(ClientPtr client)
REQUEST(SELinuxSetSelectionManagerReq);
int n;
- REQUEST_SIZE_MATCH (SELinuxSetSelectionManagerReq);
- swapl(&stuff->window,n);
+ REQUEST_SIZE_MATCH(SELinuxSetSelectionManagerReq);
+ swapl(&stuff->window, n);
return ProcSELinuxSetSelectionManager(client);
}
@@ -1205,7 +1203,7 @@ SProcSELinuxSetDeviceCreateContext(ClientPtr client)
int n;
REQUEST_AT_LEAST_SIZE(SELinuxSetCreateContextReq);
- swaps(&stuff->context_len,n);
+ swaps(&stuff->context_len, n);
return ProcSELinuxSetDeviceCreateContext(client);
}
@@ -1216,8 +1214,8 @@ SProcSELinuxSetDeviceContext(ClientPtr client)
int n;
REQUEST_AT_LEAST_SIZE(SELinuxSetContextReq);
- swapl(&stuff->id,n);
- swaps(&stuff->context_len,n);
+ swapl(&stuff->id, n);
+ swaps(&stuff->context_len, n);
return ProcSELinuxSetDeviceContext(client);
}
@@ -1228,7 +1226,7 @@ SProcSELinuxGetDeviceContext(ClientPtr client)
int n;
REQUEST_SIZE_MATCH(SELinuxGetContextReq);
- swapl(&stuff->id,n);
+ swapl(&stuff->id, n);
return ProcSELinuxGetDeviceContext(client);
}
@@ -1239,7 +1237,7 @@ SProcSELinuxSetPropertyCreateContext(ClientPtr client)
int n;
REQUEST_AT_LEAST_SIZE(SELinuxSetCreateContextReq);
- swaps(&stuff->context_len,n);
+ swaps(&stuff->context_len, n);
return ProcSELinuxSetPropertyCreateContext(client);
}
@@ -1250,8 +1248,8 @@ SProcSELinuxGetPropertyContext(ClientPtr client)
int n;
REQUEST_SIZE_MATCH(SELinuxGetPropertyContextReq);
- swapl(&stuff->window,n);
- swapl(&stuff->property,n);
+ swapl(&stuff->window, n);
+ swapl(&stuff->property, n);
return ProcSELinuxGetPropertyContext(client);
}
@@ -1262,7 +1260,7 @@ SProcSELinuxSetWindowCreateContext(ClientPtr client)
int n;
REQUEST_AT_LEAST_SIZE(SELinuxSetCreateContextReq);
- swaps(&stuff->context_len,n);
+ swaps(&stuff->context_len, n);
return ProcSELinuxSetWindowCreateContext(client);
}
@@ -1273,7 +1271,7 @@ SProcSELinuxGetWindowContext(ClientPtr client)
int n;
REQUEST_SIZE_MATCH(SELinuxGetContextReq);
- swapl(&stuff->id,n);
+ swapl(&stuff->id, n);
return ProcSELinuxGetWindowContext(client);
}
@@ -1287,31 +1285,31 @@ SProcSELinuxDispatch(ClientPtr client)
switch (stuff->data) {
case X_SELinuxQueryVersion:
- return SProcSELinuxQueryVersion(client);
+ return SProcSELinuxQueryVersion(client);
case X_SELinuxSetSelectionManager:
return SProcSELinuxSetSelectionManager(client);
case X_SELinuxGetSelectionManager:
- return ProcSELinuxGetSelectionManager(client);
+ return ProcSELinuxGetSelectionManager(client);
case X_SELinuxSetDeviceCreateContext:
- return SProcSELinuxSetDeviceCreateContext(client);
+ return SProcSELinuxSetDeviceCreateContext(client);
case X_SELinuxGetDeviceCreateContext:
- return ProcSELinuxGetDeviceCreateContext(client);
+ return ProcSELinuxGetDeviceCreateContext(client);
case X_SELinuxSetDeviceContext:
- return SProcSELinuxSetDeviceContext(client);
+ return SProcSELinuxSetDeviceContext(client);
case X_SELinuxGetDeviceContext:
- return SProcSELinuxGetDeviceContext(client);
+ return SProcSELinuxGetDeviceContext(client);
case X_SELinuxSetPropertyCreateContext:
- return SProcSELinuxSetPropertyCreateContext(client);
+ return SProcSELinuxSetPropertyCreateContext(client);
case X_SELinuxGetPropertyCreateContext:
- return ProcSELinuxGetPropertyCreateContext(client);
+ return ProcSELinuxGetPropertyCreateContext(client);
case X_SELinuxGetPropertyContext:
- return SProcSELinuxGetPropertyContext(client);
+ return SProcSELinuxGetPropertyContext(client);
case X_SELinuxSetWindowCreateContext:
- return SProcSELinuxSetWindowCreateContext(client);
+ return SProcSELinuxSetWindowCreateContext(client);
case X_SELinuxGetWindowCreateContext:
- return ProcSELinuxGetWindowCreateContext(client);
+ return ProcSELinuxGetWindowCreateContext(client);
case X_SELinuxGetWindowContext:
- return SProcSELinuxGetWindowContext(client);
+ return SProcSELinuxGetWindowContext(client);
default:
return BadRequest;
}
@@ -1376,8 +1374,8 @@ SELinuxExtensionInit(INITARGS)
/* Setup SELinux stuff */
if (!is_selinux_enabled()) {
- ErrorF("SELinux: SELinux not enabled, disabling SELinux support.\n");
- return;
+ ErrorF("SELinux: SELinux not enabled, disabling SELinux support.\n");
+ return;
}
selinux_set_callback(SELINUX_CB_LOG, (union selinux_callback)SELinuxLog);
@@ -1408,7 +1406,7 @@ SELinuxExtensionInit(INITARGS)
/* Prepare for auditing */
audit_fd = audit_open();
if (audit_fd < 0)
- FatalError("SELinux: Failed to open the system audit log\n");
+ FatalError("SELinux: Failed to open the system audit log\n");
/* Allocate private storage */
if (!dixRequestPrivate(stateKey, sizeof(SELinuxStateRec)))
commit 734e115871ce98badb8800383c423493802ae3d3
Author: Hong Liu <hong.liu at intel.com>
Date: Wed Jan 23 21:04:32 2008 +0800
Bug #12439: add a quirk to use +hsync +vsync for the probed detailed mode.
Samsung 205BW quirk is somehow reworked.
diff --git a/hw/xfree86/modes/xf86EdidModes.c b/hw/xfree86/modes/xf86EdidModes.c
index 87a8127..b865727 100644
--- a/hw/xfree86/modes/xf86EdidModes.c
+++ b/hw/xfree86/modes/xf86EdidModes.c
@@ -66,6 +66,8 @@ typedef enum {
DDC_QUIRK_DETAILED_USE_MAXIMUM_SIZE = 1 << 5,
/* Monitor forgot to set the first detailed is preferred bit. */
DDC_QUIRK_FIRST_DETAILED_PREFERRED = 1 << 6,
+ /* use +hsync +vsync for detailed mode */
+ DDC_QUIRK_DETAILED_SYNC_PP = 1 << 7,
} ddc_quirk_t;
static Bool quirk_prefer_large_60 (int scrnIndex, xf86MonPtr DDC)
@@ -160,6 +162,15 @@ static Bool quirk_first_detailed_preferred (int scrnIndex, xf86MonPtr DDC)
return FALSE;
}
+static Bool quirk_detailed_sync_pp(int scrnIndex, xf86MonPtr DDC)
+{
+ /* Bug #12439: Samsung SyncMaster 205BW */
+ if (memcmp (DDC->vendor.name, "SAM", 4) == 0 &&
+ DDC->vendor.prod_id == 541)
+ return TRUE;
+ return FALSE;
+}
+
typedef struct {
Bool (*detect) (int scrnIndex, xf86MonPtr DDC);
ddc_quirk_t quirk;
@@ -195,6 +206,10 @@ static const ddc_quirk_map_t ddc_quirks[] = {
quirk_first_detailed_preferred, DDC_QUIRK_FIRST_DETAILED_PREFERRED,
"First detailed timing was not marked as preferred."
},
+ {
+ quirk_detailed_sync_pp, DDC_QUIRK_DETAILED_SYNC_PP,
+ "Use +hsync +vsync for detailed timing."
+ },
{
NULL, DDC_QUIRK_NONE,
"No known quirks"
@@ -341,15 +356,19 @@ DDCModeFromDetailedTiming(int scrnIndex, struct detailed_timings *timing,
if (timing->interlaced)
Mode->Flags |= V_INTERLACE;
- if (timing->misc & 0x02)
- Mode->Flags |= V_PVSYNC;
- else
- Mode->Flags |= V_NVSYNC;
-
- if (timing->misc & 0x01)
- Mode->Flags |= V_PHSYNC;
- else
- Mode->Flags |= V_NHSYNC;
+ if (quirks & DDC_QUIRK_DETAILED_SYNC_PP)
+ Mode->Flags |= V_PVSYNC | V_PHSYNC;
+ else {
+ if (timing->misc & 0x02)
+ Mode->Flags |= V_PVSYNC;
+ else
+ Mode->Flags |= V_NVSYNC;
+
+ if (timing->misc & 0x01)
+ Mode->Flags |= V_PHSYNC;
+ else
+ Mode->Flags |= V_NHSYNC;
+ }
return Mode;
}
commit cc22b05ea06e08568d0f0abdaccf67bd32662e94
Author: Adam Jackson <ajax at redhat.com>
Date: Tue Jan 22 18:57:11 2008 -0500
There is no such thing as /dev/cpu/mtrr.
diff --git a/hw/xfree86/os-support/linux/lnx_video.c b/hw/xfree86/os-support/linux/lnx_video.c
index ad2b66f..1bd2d57 100644
--- a/hw/xfree86/os-support/linux/lnx_video.c
+++ b/hw/xfree86/os-support/linux/lnx_video.c
@@ -142,17 +142,8 @@ mtrr_open(int verbosity)
/* Only report absence of /proc/mtrr once. */
static Bool warned = FALSE;
- char **fn;
- static char *mtrr_files[] = {
- "/dev/cpu/mtrr", /* Possible future name */
- "/proc/mtrr", /* Current name */
- NULL
- };
-
if (mtrr_fd == MTRR_FD_UNOPENED) {
- /* So open it. */
- for (fn = mtrr_files; mtrr_fd < 0 && *fn; fn++)
- mtrr_fd = open(*fn, O_WRONLY);
+ mtrr_fd = open("/proc/mtrr", O_WRONLY);
if (mtrr_fd < 0)
mtrr_fd = MTRR_FD_PROBLEM;
commit be6c17fcf9efebc0bbcc3d9a25f8c5a2450c2161
Author: Matthias Hopf <mhopf at suse.de>
Date: Mon Jan 21 16:13:21 2008 +0100
CVE-2007-6429: Always test for size+offset wrapping.
diff --git a/Xext/shm.c b/Xext/shm.c
index e46f6fc..a7a1ecf 100644
--- a/Xext/shm.c
+++ b/Xext/shm.c
@@ -799,10 +799,10 @@ CreatePmap:
if (sizeof(size) == 4 && BitsPerPixel(depth) > 8) {
if (size < width * height)
return BadAlloc;
- /* thankfully, offset is unsigned */
- if (stuff->offset + size < size)
- return BadAlloc;
}
+ /* thankfully, offset is unsigned */
+ if (stuff->offset + size < size)
+ return BadAlloc;
VERIFY_SHMSIZE(shmdesc, stuff->offset, size, client);
@@ -1144,10 +1144,10 @@ CreatePmap:
if (sizeof(size) == 4 && BitsPerPixel(depth) > 8) {
if (size < width * height)
return BadAlloc;
- /* thankfully, offset is unsigned */
- if (stuff->offset + size < size)
- return BadAlloc;
}
+ /* thankfully, offset is unsigned */
+ if (stuff->offset + size < size)
+ return BadAlloc;
VERIFY_SHMSIZE(shmdesc, stuff->offset, size, client);
pMap = (*shmFuncs[pDraw->pScreen->myNum]->CreatePixmap)(
commit 94a21d757ce58254accbd5dd3a86810aadeec9f0
Author: Michel Dänzer <michel at tungstengraphics.com>
Date: Sat Jan 19 13:17:45 2008 +0100
AIGLX: Fix GLX_EXT_texture_from_pixmap fallback with EXA.
Use pScreen->GetImage to obtain the pixmap contents instead of dereferencing
pPixmap->devPrivate.ptr directly.
diff --git a/GL/glx/glxdri.c b/GL/glx/glxdri.c
index c0da07b..6c1a199 100644
--- a/GL/glx/glxdri.c
+++ b/GL/glx/glxdri.c
@@ -47,6 +47,8 @@
#include <xf86.h>
#include <dri.h>
+#include "servermd.h"
+
#define DRI_NEW_INTERFACE_ONLY
#include "glxserver.h"
#include "glxutil.h"
@@ -308,18 +310,20 @@ __glXDRIcontextForceCurrent(__GLXcontext *baseContext)
}
static void
-glxFillAlphaChannel (PixmapPtr pixmap, int x, int y, int width, int height)
+glxFillAlphaChannel (CARD32 *pixels, CARD32 rowstride, int width, int height)
{
int i;
- CARD32 *p, *end, *pixels = (CARD32 *)pixmap->devPrivate.ptr;
- CARD32 rowstride = pixmap->devKind / 4;
+ CARD32 *p, *end;
+
+ rowstride /= 4;
- for (i = y; i < y + height; i++)
+ for (i = 0; i < height; i++)
{
- p = &pixels[i * rowstride + x];
+ p = pixels;
end = p + width;
while (p < end)
*p++ |= 0xFF000000;
+ pixels += rowstride;
}
}
@@ -430,22 +434,31 @@ nooverride:
type = GL_UNSIGNED_SHORT_5_6_5;
}
- CALL_PixelStorei( GET_DISPATCH(), (GL_UNPACK_ROW_LENGTH,
- pixmap->devKind / bpp) );
-
if (pRegion == NULL)
{
- if (!override && pixmap->drawable.depth == 24)
- glxFillAlphaChannel(pixmap,
- pixmap->drawable.x,
- pixmap->drawable.y,
- pixmap->drawable.width,
- pixmap->drawable.height);
-
- CALL_PixelStorei( GET_DISPATCH(), (GL_UNPACK_SKIP_PIXELS,
- pixmap->drawable.x) );
- CALL_PixelStorei( GET_DISPATCH(), (GL_UNPACK_SKIP_ROWS,
- pixmap->drawable.y) );
+ void *data = NULL;
+
+ if (!override) {
+ unsigned pitch = PixmapBytePad(pixmap->drawable.width,
+ pixmap->drawable.depth);
+
+ data = xalloc(pitch * pixmap->drawable.height);
+
+ pScreen->GetImage(&pixmap->drawable, 0 /*pixmap->drawable.x*/,
+ 0 /*pixmap->drawable.y*/, pixmap->drawable.width,
+ pixmap->drawable.height, ZPixmap, ~0, data);
+
+ if (pixmap->drawable.depth == 24)
+ glxFillAlphaChannel(data,
+ pitch,
+ pixmap->drawable.width,
+ pixmap->drawable.height);
+
+ CALL_PixelStorei( GET_DISPATCH(), (GL_UNPACK_ROW_LENGTH,
+ pitch / bpp) );
+ CALL_PixelStorei( GET_DISPATCH(), (GL_UNPACK_SKIP_PIXELS, 0) );
+ CALL_PixelStorei( GET_DISPATCH(), (GL_UNPACK_SKIP_ROWS, 0) );
+ }
CALL_TexImage2D( GET_DISPATCH(),
(glxPixmap->target,
@@ -456,26 +469,37 @@ nooverride:
0,
format,
type,
- override ? NULL : pixmap->devPrivate.ptr) );
+ data) );
+
+ xfree(data);
} else if (!override) {
int i, numRects;
BoxPtr p;
numRects = REGION_NUM_RECTS (pRegion);
p = REGION_RECTS (pRegion);
+
+ CALL_PixelStorei( GET_DISPATCH(), (GL_UNPACK_SKIP_PIXELS, 0) );
+ CALL_PixelStorei( GET_DISPATCH(), (GL_UNPACK_SKIP_ROWS, 0) );
+
for (i = 0; i < numRects; i++)
{
+ unsigned pitch = PixmapBytePad(p[i].x2 - p[i].x1,
+ pixmap->drawable.depth);
+ void *data = xalloc(pitch * (p[i].y2 - p[i].y1));
+
+ pScreen->GetImage(&pixmap->drawable, /*pixmap->drawable.x +*/ p[i].x1,
+ /*pixmap->drawable.y*/ + p[i].y1, p[i].x2 - p[i].x1,
+ p[i].y2 - p[i].y1, ZPixmap, ~0, data);
+
if (pixmap->drawable.depth == 24)
- glxFillAlphaChannel(pixmap,
- pixmap->drawable.x + p[i].x1,
- pixmap->drawable.y + p[i].y1,
+ glxFillAlphaChannel(data,
+ pitch,
p[i].x2 - p[i].x1,
p[i].y2 - p[i].y1);
- CALL_PixelStorei( GET_DISPATCH(), (GL_UNPACK_SKIP_PIXELS,
- pixmap->drawable.x + p[i].x1) );
- CALL_PixelStorei( GET_DISPATCH(), (GL_UNPACK_SKIP_ROWS,
- pixmap->drawable.y + p[i].y1) );
+ CALL_PixelStorei( GET_DISPATCH(), (GL_UNPACK_ROW_LENGTH,
+ pitch / bpp) );
CALL_TexSubImage2D( GET_DISPATCH(),
(glxPixmap->target,
@@ -484,7 +508,9 @@ nooverride:
p[i].x2 - p[i].x1, p[i].y2 - p[i].y1,
format,
type,
- pixmap->devPrivate.ptr) );
+ data) );
+
+ xfree(data);
}
}
commit e9fa7c1c88a8130a48f772c92b186b8b777986b5
Author: Adam Jackson <ajax at redhat.com>
Date: Fri Jan 18 14:41:20 2008 -0500
CVE-2007-6429: Don't spuriously reject <8bpp shm pixmaps.
Move size validation after depth validation, and only validate size if
the bpp of the pixmap format is > 8. If bpp < 8 then we're already
protected from overflow by the width and height checks.
diff --git a/Xext/shm.c b/Xext/shm.c
index c545e49..e46f6fc 100644
--- a/Xext/shm.c
+++ b/Xext/shm.c
@@ -783,14 +783,6 @@ ProcPanoramiXShmCreatePixmap(
}
if (width > 32767 || height > 32767)
return BadAlloc;
- size = PixmapBytePad(width, depth) * height;
- if (sizeof(size) == 4) {
- if (size < width * height)
- return BadAlloc;
- /* thankfully, offset is unsigned */
- if (stuff->offset + size < size)
- return BadAlloc;
- }
if (stuff->depth != 1)
{
@@ -801,7 +793,17 @@ ProcPanoramiXShmCreatePixmap(
client->errorValue = stuff->depth;
return BadValue;
}
+
CreatePmap:
+ size = PixmapBytePad(width, depth) * height;
+ if (sizeof(size) == 4 && BitsPerPixel(depth) > 8) {
+ if (size < width * height)
+ return BadAlloc;
+ /* thankfully, offset is unsigned */
+ if (stuff->offset + size < size)
+ return BadAlloc;
+ }
+
VERIFY_SHMSIZE(shmdesc, stuff->offset, size, client);
if(!(newPix = (PanoramiXRes *) xalloc(sizeof(PanoramiXRes))))
@@ -1126,14 +1128,6 @@ ProcShmCreatePixmap(client)
}
if (width > 32767 || height > 32767)
return BadAlloc;
- size = PixmapBytePad(width, depth) * height;
- if (sizeof(size) == 4) {
- if (size < width * height)
- return BadAlloc;
- /* thankfully, offset is unsigned */
- if (stuff->offset + size < size)
- return BadAlloc;
- }
if (stuff->depth != 1)
{
@@ -1144,7 +1138,17 @@ ProcShmCreatePixmap(client)
client->errorValue = stuff->depth;
return BadValue;
}
+
CreatePmap:
+ size = PixmapBytePad(width, depth) * height;
+ if (sizeof(size) == 4 && BitsPerPixel(depth) > 8) {
+ if (size < width * height)
+ return BadAlloc;
+ /* thankfully, offset is unsigned */
+ if (stuff->offset + size < size)
+ return BadAlloc;
+ }
+
VERIFY_SHMSIZE(shmdesc, stuff->offset, size, client);
pMap = (*shmFuncs[pDraw->pScreen->myNum]->CreatePixmap)(
pDraw->pScreen, stuff->width,
commit 23f3f0e27dc90b7b3a375f2a5dd094e6f53552b5
Author: Jeremy Huddleston <jeremy at yuffie.local>
Date: Sun Jan 13 14:00:25 2008 -0800
XQuartz: Moved SetFrontProcess haco to set_front_process
So it is done by the other thread...
(cherry picked from commit 7429379eb1001ee3dc769daa8fe6b3aef1b9cc8a)
diff --git a/hw/xquartz/X11Application.m b/hw/xquartz/X11Application.m
index f688985..be5511d 100644
--- a/hw/xquartz/X11Application.m
+++ b/hw/xquartz/X11Application.m
@@ -314,7 +314,11 @@ static void message_kit_thread (SEL selector, NSObject *arg) {
}
- (void) set_front_process:unused {
-// [self activateX:YES];
+ /* Hackery needed due to argv[0] hackery */
+ // [self activateX:YES];
+ ProcessSerialNumber psn = { 0, kCurrentProcess };
+ SetFrontProcess(&psn);
+
QuartzMessageServerThread(kXDarwinBringAllToFront, 0);
}
@@ -711,10 +715,6 @@ void X11ApplicationSetWindowMenuCheck (int idx) {
void X11ApplicationSetFrontProcess (void) {
message_kit_thread (@selector (set_front_process:), nil);
-
- /* Hackery needed due to argv[0] hackery */
- ProcessSerialNumber psn = { 0, kCurrentProcess };
- SetFrontProcess(&psn);
}
void X11ApplicationSetCanQuit (int state) {
commit 8e133d96740d010a4fd969a8188e6e71fb2cafe2
Author: Matthieu Herrb <matthieu at bluenote.herrb.com>
Date: Thu Jan 17 15:29:06 2008 +0100
Fix for CVE-2008-0006 - PCF Font parser buffer overflow.
diff --git a/dix/dixfonts.c b/dix/dixfonts.c
index 2979c64..04f1f1b 100644
--- a/dix/dixfonts.c
+++ b/dix/dixfonts.c
@@ -326,6 +326,13 @@ doOpenFont(ClientPtr client, OFclosurePtr c)
err = BadFontName;
goto bail;
}
+ /* check values for firstCol, lastCol, firstRow, and lastRow */
+ if (pfont->info.firstCol > pfont->info.lastCol ||
+ pfont->info.firstRow > pfont->info.lastRow ||
+ pfont->info.lastCol - pfont->info.firstCol > 255) {
+ err = AllocError;
+ goto bail;
+ }
if (!pfont->fpe)
pfont->fpe = fpe;
pfont->refcnt++;
commit 6de61f82728df22ea01f9659df6581b87f33f11d
Author: Matthieu Herrb <matthieu at bluenote.herrb.com>
Date: Thu Jan 17 15:28:42 2008 +0100
Fix for CVE-2007-6429 - MIT-SHM and EVI extensions integer overflows.
diff --git a/Xext/EVI.c b/Xext/EVI.c
index 4bd050c..a637bae 100644
--- a/Xext/EVI.c
+++ b/Xext/EVI.c
@@ -34,6 +34,7 @@ THE USE OR PERFORMANCE OF THIS SOFTWARE.
#include <X11/extensions/XEVIstr.h>
#include "EVIstruct.h"
#include "modinit.h"
+#include "scrnintstr.h"
static EviPrivPtr eviPriv;
@@ -84,10 +85,22 @@ ProcEVIGetVisualInfo(ClientPtr client)
{
REQUEST(xEVIGetVisualInfoReq);
xEVIGetVisualInfoReply rep;
- int n, n_conflict, n_info, sz_info, sz_conflict;
+ int i, n, n_conflict, n_info, sz_info, sz_conflict;
VisualID32 *conflict;
+ unsigned int total_visuals = 0;
xExtendedVisualInfo *eviInfo;
int status;
+
+ /*
+ * do this first, otherwise REQUEST_FIXED_SIZE can overflow. we assume
+ * here that you don't have more than 2^32 visuals over all your screens;
+ * this seems like a safe assumption.
+ */
+ for (i = 0; i < screenInfo.numScreens; i++)
+ total_visuals += screenInfo.screens[i]->numVisuals;
+ if (stuff->n_visual > total_visuals)
+ return BadValue;
+
REQUEST_FIXED_SIZE(xEVIGetVisualInfoReq, stuff->n_visual * sz_VisualID32);
status = eviPriv->getVisualInfo((VisualID32 *)&stuff[1], (int)stuff->n_visual,
&eviInfo, &n_info, &conflict, &n_conflict);
diff --git a/Xext/sampleEVI.c b/Xext/sampleEVI.c
index 7508aa7..b871bfd 100644
--- a/Xext/sampleEVI.c
+++ b/Xext/sampleEVI.c
@@ -34,6 +34,13 @@ THE USE OR PERFORMANCE OF THIS SOFTWARE.
#include <X11/extensions/XEVIstr.h>
#include "EVIstruct.h"
#include "scrnintstr.h"
+
+#if HAVE_STDINT_H
+#include <stdint.h>
+#elif !defined(UINT32_MAX)
+#define UINT32_MAX 0xffffffffU
+#endif
+
static int sampleGetVisualInfo(
VisualID32 *visual,
int n_visual,
@@ -42,24 +49,36 @@ static int sampleGetVisualInfo(
VisualID32 **conflict_rn,
int *n_conflict_rn)
{
- int max_sz_evi = n_visual * sz_xExtendedVisualInfo * screenInfo.numScreens;
+ unsigned int max_sz_evi;
VisualID32 *temp_conflict;
xExtendedVisualInfo *evi;
- int max_visuals = 0, max_sz_conflict, sz_conflict = 0;
+ unsigned int max_visuals = 0, max_sz_conflict, sz_conflict = 0;
register int visualI, scrI, sz_evi = 0, conflictI, n_conflict;
- *evi_rn = evi = (xExtendedVisualInfo *)xalloc(max_sz_evi);
- if (!*evi_rn)
- return BadAlloc;
+
+ if (n_visual > UINT32_MAX/(sz_xExtendedVisualInfo * screenInfo.numScreens))
+ return BadAlloc;
+ max_sz_evi = n_visual * sz_xExtendedVisualInfo * screenInfo.numScreens;
+
for (scrI = 0; scrI < screenInfo.numScreens; scrI++) {
if (screenInfo.screens[scrI]->numVisuals > max_visuals)
max_visuals = screenInfo.screens[scrI]->numVisuals;
}
+
+ if (n_visual > UINT32_MAX/(sz_VisualID32 * screenInfo.numScreens
+ * max_visuals))
+ return BadAlloc;
max_sz_conflict = n_visual * sz_VisualID32 * screenInfo.numScreens * max_visuals;
+
+ *evi_rn = evi = (xExtendedVisualInfo *)xalloc(max_sz_evi);
+ if (!*evi_rn)
+ return BadAlloc;
+
temp_conflict = (VisualID32 *)xalloc(max_sz_conflict);
if (!temp_conflict) {
xfree(*evi_rn);
return BadAlloc;
}
+
for (scrI = 0; scrI < screenInfo.numScreens; scrI++) {
for (visualI = 0; visualI < n_visual; visualI++) {
evi[sz_evi].core_visual_id = visual[visualI];
diff --git a/Xext/shm.c b/Xext/shm.c
index e3d7a23..c545e49 100644
--- a/Xext/shm.c
+++ b/Xext/shm.c
@@ -757,6 +757,8 @@ ProcPanoramiXShmCreatePixmap(
int i, j, result, rc;
ShmDescPtr shmdesc;
REQUEST(xShmCreatePixmapReq);
+ unsigned int width, height, depth;
+ unsigned long size;
PanoramiXRes *newPix;
REQUEST_SIZE_MATCH(xShmCreatePixmapReq);
@@ -770,11 +772,26 @@ ProcPanoramiXShmCreatePixmap(
return rc;
VERIFY_SHMPTR(stuff->shmseg, stuff->offset, TRUE, shmdesc, client);
- if (!stuff->width || !stuff->height)
+
+ width = stuff->width;
+ height = stuff->height;
+ depth = stuff->depth;
+ if (!width || !height || !depth)
{
client->errorValue = 0;
return BadValue;
}
+ if (width > 32767 || height > 32767)
+ return BadAlloc;
+ size = PixmapBytePad(width, depth) * height;
+ if (sizeof(size) == 4) {
+ if (size < width * height)
+ return BadAlloc;
+ /* thankfully, offset is unsigned */
+ if (stuff->offset + size < size)
+ return BadAlloc;
+ }
+
if (stuff->depth != 1)
{
pDepth = pDraw->pScreen->allowedDepths;
@@ -785,9 +802,7 @@ ProcPanoramiXShmCreatePixmap(
return BadValue;
}
CreatePmap:
- VERIFY_SHMSIZE(shmdesc, stuff->offset,
- PixmapBytePad(stuff->width, stuff->depth) * stuff->height,
- client);
+ VERIFY_SHMSIZE(shmdesc, stuff->offset, size, client);
if(!(newPix = (PanoramiXRes *) xalloc(sizeof(PanoramiXRes))))
return BadAlloc;
@@ -1086,6 +1101,8 @@ ProcShmCreatePixmap(client)
register int i, rc;
ShmDescPtr shmdesc;
REQUEST(xShmCreatePixmapReq);
+ unsigned int width, height, depth;
+ unsigned long size;
REQUEST_SIZE_MATCH(xShmCreatePixmapReq);
client->errorValue = stuff->pid;
@@ -1098,11 +1115,26 @@ ProcShmCreatePixmap(client)
return rc;
VERIFY_SHMPTR(stuff->shmseg, stuff->offset, TRUE, shmdesc, client);
- if (!stuff->width || !stuff->height)
+
+ width = stuff->width;
+ height = stuff->height;
+ depth = stuff->depth;
+ if (!width || !height || !depth)
{
client->errorValue = 0;
return BadValue;
}
+ if (width > 32767 || height > 32767)
+ return BadAlloc;
+ size = PixmapBytePad(width, depth) * height;
+ if (sizeof(size) == 4) {
+ if (size < width * height)
+ return BadAlloc;
+ /* thankfully, offset is unsigned */
+ if (stuff->offset + size < size)
+ return BadAlloc;
+ }
+
if (stuff->depth != 1)
{
pDepth = pDraw->pScreen->allowedDepths;
@@ -1113,9 +1145,7 @@ ProcShmCreatePixmap(client)
return BadValue;
}
CreatePmap:
- VERIFY_SHMSIZE(shmdesc, stuff->offset,
- PixmapBytePad(stuff->width, stuff->depth) * stuff->height,
- client);
+ VERIFY_SHMSIZE(shmdesc, stuff->offset, size, client);
pMap = (*shmFuncs[pDraw->pScreen->myNum]->CreatePixmap)(
pDraw->pScreen, stuff->width,
stuff->height, stuff->depth,
commit 7dc1717ff0f96b99271a912b8948dfce5164d5ad
Author: Matthieu Herrb <matthieu at bluenote.herrb.com>
Date: Thu Jan 17 15:28:03 2008 +0100
Fix for CVE-2007-6428 - TOG-cup extension memory corruption.
diff --git a/Xext/cup.c b/Xext/cup.c
index d0e820c..fd1409e 100644
--- a/Xext/cup.c
+++ b/Xext/cup.c
@@ -176,6 +176,9 @@ int ProcGetReservedColormapEntries(
REQUEST_SIZE_MATCH (xXcupGetReservedColormapEntriesReq);
+ if (stuff->screen >= screenInfo.numScreens)
+ return BadValue;
+
#ifndef HAVE_SPECIAL_DESKTOP_COLORS
citems[CUP_BLACK_PIXEL].pixel =
screenInfo.screens[stuff->screen]->blackPixel;
commit dd5e0f5cd5f3a87fee86d99c073ffa7cf89b0a27
Author: Matthieu Herrb <matthieu at bluenote.herrb.com>
Date: Thu Jan 17 15:27:34 2008 +0100
Fix for CVE-2007-6427 - Xinput extension memory corruption.
diff --git a/Xi/chgfctl.c b/Xi/chgfctl.c
index 8fc24d5..696b74a 100644
--- a/Xi/chgfctl.c
+++ b/Xi/chgfctl.c
@@ -302,18 +302,13 @@ ChangeStringFeedback(ClientPtr client, DeviceIntPtr dev,
xStringFeedbackCtl * f)
{
char n;
- long *p;
int i, j;
KeySym *syms, *sup_syms;
syms = (KeySym *) (f + 1);
if (client->swapped) {
swaps(&f->length, n); /* swapped num_keysyms in calling proc */
- p = (long *)(syms);
- for (i = 0; i < f->num_keysyms; i++) {
- swapl(p, n);
- p++;
- }
+ SwapLongs((CARD32 *) syms, f->num_keysyms);
}
if (f->num_keysyms > s->ctrl.max_symbols)
diff --git a/Xi/chgkmap.c b/Xi/chgkmap.c
index 3361e98..df334c1 100644
--- a/Xi/chgkmap.c
+++ b/Xi/chgkmap.c
@@ -75,18 +75,14 @@ int
SProcXChangeDeviceKeyMapping(ClientPtr client)
{
char n;
- long *p;
- int i, count;
+ unsigned int count;
REQUEST(xChangeDeviceKeyMappingReq);
swaps(&stuff->length, n);
REQUEST_AT_LEAST_SIZE(xChangeDeviceKeyMappingReq);
- p = (long *)&stuff[1];
count = stuff->keyCodes * stuff->keySymsPerKeyCode;
- for (i = 0; i < count; i++) {
- swapl(p, n);
- p++;
- }
+ REQUEST_FIXED_SIZE(xChangeDeviceKeyMappingReq, count * sizeof(CARD32));
+ SwapLongs((CARD32 *) (&stuff[1]), count);
return (ProcXChangeDeviceKeyMapping(client));
}
@@ -102,10 +98,14 @@ ProcXChangeDeviceKeyMapping(ClientPtr client)
int ret;
unsigned len;
DeviceIntPtr dev;
+ unsigned int count;
REQUEST(xChangeDeviceKeyMappingReq);
REQUEST_AT_LEAST_SIZE(xChangeDeviceKeyMappingReq);
+ count = stuff->keyCodes * stuff->keySymsPerKeyCode;
+ REQUEST_FIXED_SIZE(xChangeDeviceKeyMappingReq, count * sizeof(CARD32));
+
ret = dixLookupDevice(&dev, stuff->deviceid, client, DixSetAttrAccess);
if (ret != Success)
return ret;
diff --git a/Xi/chgprop.c b/Xi/chgprop.c
index 58db886..3fb33e1 100644
--- a/Xi/chgprop.c
+++ b/Xi/chgprop.c
@@ -77,19 +77,15 @@ int
SProcXChangeDeviceDontPropagateList(ClientPtr client)
{
char n;
- long *p;
- int i;
REQUEST(xChangeDeviceDontPropagateListReq);
swaps(&stuff->length, n);
REQUEST_AT_LEAST_SIZE(xChangeDeviceDontPropagateListReq);
swapl(&stuff->window, n);
swaps(&stuff->count, n);
- p = (long *)&stuff[1];
- for (i = 0; i < stuff->count; i++) {
- swapl(p, n);
- p++;
- }
+ REQUEST_FIXED_SIZE(xChangeDeviceDontPropagateListReq,
+ stuff->count * sizeof(CARD32));
+ SwapLongs((CARD32 *) (&stuff[1]), stuff->count);
return (ProcXChangeDeviceDontPropagateList(client));
}
diff --git a/Xi/grabdev.c b/Xi/grabdev.c
index 110fc6b..0671e0e 100644
--- a/Xi/grabdev.c
+++ b/Xi/grabdev.c
@@ -78,8 +78,6 @@ int
SProcXGrabDevice(ClientPtr client)
{
char n;
- long *p;
- int i;
REQUEST(xGrabDeviceReq);
swaps(&stuff->length, n);
@@ -87,11 +85,11 @@ SProcXGrabDevice(ClientPtr client)
swapl(&stuff->grabWindow, n);
swapl(&stuff->time, n);
swaps(&stuff->event_count, n);
- p = (long *)&stuff[1];
- for (i = 0; i < stuff->event_count; i++) {
- swapl(p, n);
- p++;
- }
+
+ if (stuff->length != (sizeof(xGrabDeviceReq) >> 2) + stuff->event_count)
+ return BadLength;
+
+ SwapLongs((CARD32 *) (&stuff[1]), stuff->event_count);
return (ProcXGrabDevice(client));
}
diff --git a/Xi/grabdevb.c b/Xi/grabdevb.c
index c2661e8..ce0dcc5 100644
--- a/Xi/grabdevb.c
+++ b/Xi/grabdevb.c
@@ -77,8 +77,6 @@ int
SProcXGrabDeviceButton(ClientPtr client)
{
char n;
- long *p;
- int i;
REQUEST(xGrabDeviceButtonReq);
swaps(&stuff->length, n);
@@ -86,11 +84,9 @@ SProcXGrabDeviceButton(ClientPtr client)
swapl(&stuff->grabWindow, n);
swaps(&stuff->modifiers, n);
swaps(&stuff->event_count, n);
- p = (long *)&stuff[1];
- for (i = 0; i < stuff->event_count; i++) {
- swapl(p, n);
- p++;
- }
+ REQUEST_FIXED_SIZE(xGrabDeviceButtonReq,
+ stuff->event_count * sizeof(CARD32));
+ SwapLongs((CARD32 *) (&stuff[1]), stuff->event_count);
return (ProcXGrabDeviceButton(client));
}
diff --git a/Xi/grabdevk.c b/Xi/grabdevk.c
index 43b1928..d4b7fe8 100644
--- a/Xi/grabdevk.c
+++ b/Xi/grabdevk.c
@@ -77,8 +77,6 @@ int
SProcXGrabDeviceKey(ClientPtr client)
{
char n;
- long *p;
- int i;
REQUEST(xGrabDeviceKeyReq);
swaps(&stuff->length, n);
@@ -86,11 +84,8 @@ SProcXGrabDeviceKey(ClientPtr client)
swapl(&stuff->grabWindow, n);
swaps(&stuff->modifiers, n);
swaps(&stuff->event_count, n);
- p = (long *)&stuff[1];
- for (i = 0; i < stuff->event_count; i++) {
- swapl(p, n);
- p++;
- }
+ REQUEST_FIXED_SIZE(xGrabDeviceKeyReq, stuff->event_count * sizeof(CARD32));
+ SwapLongs((CARD32 *) (&stuff[1]), stuff->event_count);
return (ProcXGrabDeviceKey(client));
}
diff --git a/Xi/selectev.c b/Xi/selectev.c
index b93618a..d3670ab 100644
--- a/Xi/selectev.c
+++ b/Xi/selectev.c
@@ -127,19 +127,16 @@ int
SProcXSelectExtensionEvent(ClientPtr client)
{
char n;
- long *p;
- int i;
REQUEST(xSelectExtensionEventReq);
swaps(&stuff->length, n);
REQUEST_AT_LEAST_SIZE(xSelectExtensionEventReq);
swapl(&stuff->window, n);
swaps(&stuff->count, n);
- p = (long *)&stuff[1];
- for (i = 0; i < stuff->count; i++) {
- swapl(p, n);
- p++;
- }
+ REQUEST_FIXED_SIZE(xSelectExtensionEventReq,
+ stuff->count * sizeof(CARD32));
+ SwapLongs((CARD32 *) (&stuff[1]), stuff->count);
+
return (ProcXSelectExtensionEvent(client));
}
diff --git a/Xi/sendexev.c b/Xi/sendexev.c
index e4e38d7..588c910 100644
--- a/Xi/sendexev.c
+++ b/Xi/sendexev.c
@@ -80,7 +80,7 @@ int
SProcXSendExtensionEvent(ClientPtr client)
{
char n;
- long *p;
+ CARD32 *p;
int i;
xEvent eventT;
xEvent *eventP;
@@ -91,6 +91,11 @@ SProcXSendExtensionEvent(ClientPtr client)
REQUEST_AT_LEAST_SIZE(xSendExtensionEventReq);
swapl(&stuff->destination, n);
swaps(&stuff->count, n);
+
+ if (stuff->length != (sizeof(xSendExtensionEventReq) >> 2) + stuff->count +
+ (stuff->num_events * (sizeof(xEvent) >> 2)))
+ return BadLength;
+
eventP = (xEvent *) & stuff[1];
for (i = 0; i < stuff->num_events; i++, eventP++) {
proc = EventSwapVector[eventP->u.u.type & 0177];
@@ -100,11 +105,8 @@ SProcXSendExtensionEvent(ClientPtr client)
*eventP = eventT;
}
- p = (long *)(((xEvent *) & stuff[1]) + stuff->num_events);
- for (i = 0; i < stuff->count; i++) {
- swapl(p, n);
- p++;
- }
+ p = (CARD32 *)(((xEvent *) & stuff[1]) + stuff->num_events);
+ SwapLongs(p, stuff->count);
return (ProcXSendExtensionEvent(client));
}
commit bbde5b62a137ba726a747b838d81e92d72c1b42b
Author: Matthieu Herrb <matthieu at bluenote.herrb.com>
Date: Thu Jan 17 15:26:41 2008 +0100
Fix for CVE-2007-5760 - XFree86 Misc extension out of bounds array index
diff --git a/hw/xfree86/common/xf86MiscExt.c b/hw/xfree86/common/xf86MiscExt.c
index c1b9c60..40c196a 100644
--- a/hw/xfree86/common/xf86MiscExt.c
+++ b/hw/xfree86/common/xf86MiscExt.c
@@ -548,6 +548,10 @@ MiscExtPassMessage(int scrnIndex, const char *msgtype, const char *msgval,
{
ScrnInfoPtr pScr = xf86Screens[scrnIndex];
+ /* should check this in the protocol, but xf86NumScreens isn't exported */
+ if (scrnIndex >= xf86NumScreens)
+ return BadValue;
+
if (*pScr->HandleMessage == NULL)
return BadImplementation;
return (*pScr->HandleMessage)(scrnIndex, msgtype, msgval, retstr);
commit e85130c85f727466fc27be1cfa46c88b257499fb
Author: Daniel Stone <daniel at fooishbar.org>
Date: Sat Jan 5 10:47:39 2008 +0200
Xephyr: One-time keyboard leak fix
Don't leak the originally-allocated keysym map.
diff --git a/hw/kdrive/ephyr/ephyr.c b/hw/kdrive/ephyr/ephyr.c
index c5c8a56..6ec95d6 100644
--- a/hw/kdrive/ephyr/ephyr.c
+++ b/hw/kdrive/ephyr/ephyr.c
@@ -1031,6 +1031,7 @@ EphyrKeyboardInit (KdKeyboardInfo *ki)
ki->minScanCode = ki->keySyms.minKeyCode;
ki->maxScanCode = ki->keySyms.maxKeyCode;
ki->keySyms.mapWidth = ephyrKeySyms.mapWidth;
+ xfree(ki->keySyms.map);
ki->keySyms.map = ephyrKeySyms.map;
ki->name = KdSaveString("Xephyr virtual keyboard");
ephyrKbd = ki;
commit 0137b0394a248f694448a7d97c9a1a3efcf24e81
Author: Daniel Stone <daniel at fooishbar.org>
Date: Sat Jan 5 10:43:53 2008 +0200
XKB: XkbCopyKeymap: Don't leak all the sections
Previously, we'd just keep num_sections at 0, which would break the
geometry and lead us to leak sections. Don't do that.
diff --git a/xkb/xkbUtils.c b/xkb/xkbUtils.c
index 31c1a9f..1fb47ed 100644
--- a/xkb/xkbUtils.c
+++ b/xkb/xkbUtils.c
@@ -1793,6 +1793,7 @@ XkbCopyKeymap(XkbDescPtr src, XkbDescPtr dst, Bool sendNotifies)
if (!tmp)
return FALSE;
dst->geom->sections = tmp;
+ dst->geom->num_sections = src->geom->num_sections;
for (i = 0,
ssection = src->geom->sections,
commit b99a43dfe97c1813e1c61f298b1c83c5d5ca88a2
Author: Daniel Stone <daniel at fooishbar.org>
Date: Sat Jan 5 10:38:16 2008 +0200
OS: IO: Zero out client buffers
For alignment reasons, we can write out uninitialised bytes, so allocate
the whole thing with xcalloc.
diff --git a/os/io.c b/os/io.c
index 968f40a..be89021 100644
--- a/os/io.c
+++ b/os/io.c
@@ -1196,7 +1196,7 @@ AllocateOutputBuffer(void)
oco = (ConnectionOutputPtr)xalloc(sizeof(ConnectionOutput));
if (!oco)
return (ConnectionOutputPtr)NULL;
- oco->buf = (unsigned char *) xalloc(BUFSIZE);
+ oco->buf = (unsigned char *) xcalloc(1, BUFSIZE);
if (!oco->buf)
{
xfree(oco);
commit a6a7fadbb03ee99312dfb15ac478ab3c414c1c0b
Author: Kristian Høgsberg <krh at redhat.com>
Date: Wed Jan 16 20:24:11 2008 -0500
Don't break grab and focus state for a window when redirecting it.
Composite uses an unmap/map cycle to trigger backing pixmap allocation
and cliprect recomputation when a window is redirected or unredirected.
To avoid protocol visible side effects, map and unmap events are
disabled temporarily. However, when a window is unmapped it is also
removed from grabs and loses focus, but these state changes are not
disabled.
This change supresses the unmap side effects during the composite
unmap/map cycle and fixes this bug:
http://bugzilla.gnome.org/show_bug.cgi?id=488264
where compiz would cause gnome-screensaver to lose its grab when
compiz unredirects the fullscreen lock window.
diff --git a/dix/window.c b/dix/window.c
index 33cf76b..1ccf126 100644
--- a/dix/window.c
+++ b/dix/window.c
@@ -2993,7 +2993,8 @@ UnrealizeTree(
}
#endif
(* Unrealize)(pChild);
- DeleteWindowFromAnyEvents(pChild, FALSE);
+ if (MapUnmapEventsEnabled(pWin))
+ DeleteWindowFromAnyEvents(pChild, FALSE);
if (pChild->viewable)
{
#ifdef DO_SAVE_UNDERS
commit e46f6ddeccd082b2d507a1e8b57ea30e6b0a2c83
Author: Michel Dänzer <michel at tungstengraphics.com>
Date: Wed Jan 16 14:24:22 2008 +0100
Yet another Xv extension byte swapping fix.
diff --git a/Xext/xvdisp.c b/Xext/xvdisp.c
index 237ad51..de0128e 100644
--- a/Xext/xvdisp.c
+++ b/Xext/xvdisp.c
@@ -1588,6 +1588,7 @@ SProcXvSetPortAttribute(ClientPtr client)
swaps(&stuff->length, n);
swapl(&stuff->port, n);
swapl(&stuff->attribute, n);
+ swapl(&stuff->value, n);
return XvProcVector[xv_SetPortAttribute](client);
}
commit 7a0d16ef0a103bcb25fa8a20322685f017aaf5a3
Author: Tiago Vignatti <vignatti at c3sl.ufpr.br>
Date: Tue Jan 15 03:27:16 2008 -0200
Removed some warnings.
diff --git a/hw/kdrive/ephyr/ephyrdriext.c b/hw/kdrive/ephyr/ephyrdriext.c
index b6be47f..1b9dce5 100644
--- a/hw/kdrive/ephyr/ephyrdriext.c
+++ b/hw/kdrive/ephyr/ephyrdriext.c
@@ -206,7 +206,7 @@ ephyrDRIScreenInit (ScreenPtr a_screen)
a_screen->ClipNotify = ephyrDRIClipNotify ;
is_ok = TRUE ;
-out:
+
return is_ok ;
}
diff --git a/hw/kdrive/ephyr/ephyrlog.h b/hw/kdrive/ephyr/ephyrlog.h
index 4c6435e..71f7977 100644
--- a/hw/kdrive/ephyr/ephyrlog.h
+++ b/hw/kdrive/ephyr/ephyrlog.h
@@ -33,8 +33,8 @@
#ifdef NDEBUG
/*we are not in debug mode*/
-#define EPHYR_LOG
-#define EPHYR_LOG_ERROR
+#define EPHYR_LOG(...)
+#define EPHYR_LOG_ERROR(...)
#endif /*NDEBUG*/
#define ERROR_LOG_LEVEL 3
diff --git a/hw/kdrive/ephyr/hostx.c b/hw/kdrive/ephyr/hostx.c
index b5ffdd0..a5413b8 100644
--- a/hw/kdrive/ephyr/hostx.c
+++ b/hw/kdrive/ephyr/hostx.c
@@ -1078,16 +1078,6 @@ out:
}
-typedef struct {
- int is_valid ;
- int local_id ;
- int remote_id ;
-} ResourcePair ;
-
-#define RESOURCE_PEERS_SIZE 1024*10
-static ResourcePair resource_peers[RESOURCE_PEERS_SIZE] ;
-
-
int
hostx_create_window (int a_screen_number,
EphyrBox *a_geometry,
@@ -1259,6 +1249,16 @@ hostx_has_xshape (void)
}
#ifdef XEPHYR_DRI
+typedef struct {
+ int is_valid ;
+ int local_id ;
+ int remote_id ;
+} ResourcePair ;
+
+#define RESOURCE_PEERS_SIZE 1024*10
+static ResourcePair resource_peers[RESOURCE_PEERS_SIZE] ;
+
+
int
hostx_allocate_resource_id_peer (int a_local_resource_id,
int *a_remote_resource_id)
commit 315d6a2b1d2a3de308e98d548afe780c59a784fc
Author: Tiago Vignatti <vignatti at c3sl.ufpr.br>
Date: Tue Jan 15 02:59:56 2008 -0200
Fix Xephyr compilation without GLX.
diff --git a/configure.ac b/configure.ac
index 0742040..566ddcb 100644
--- a/configure.ac
+++ b/configure.ac
@@ -1901,7 +1901,7 @@ if test "$KDRIVE" = yes; then
XEPHYR=$xephyr
fi
XEPHYR_DRI=no
- if test x$XEPHYR = xyes -a x$DRI = xyes; then
+ if test x$XEPHYR = xyes -a x$DRI = xyes && test "x$GLX" = xyes; then
XEPHYR_DRI=yes
XEPHYR_DRI_LIBS=-lGL
AC_SUBST(XEPHYR_DRI_LIBS)
diff --git a/hw/kdrive/ephyr/ephyr.c b/hw/kdrive/ephyr/ephyr.c
index 2a762a2..c5c8a56 100644
--- a/hw/kdrive/ephyr/ephyr.c
+++ b/hw/kdrive/ephyr/ephyr.c
@@ -635,7 +635,9 @@ ephyrInitScreen (ScreenPtr pScreen)
if (!ephyrNoDRI && !hostx_has_dri ()) {
EPHYR_LOG ("host x does not support DRI. Disabling DRI forwarding\n") ;
ephyrNoDRI = TRUE ;
+#ifdef GLXEXT
noGlxVisualInit = FALSE ;
+#endif
}
if (!ephyrNoDRI) {
ephyrDRIExtensionInit (pScreen) ;
commit 1f83f40525acd3aff8f50b3c519bc1f307ff1e19
Author: Dave Airlie <airlied at linux.ie>
Date: Tue Jan 15 10:20:50 2008 +1000
xf86Cursors: fix memset for non-square cursors
diff --git a/hw/xfree86/modes/xf86Cursors.c b/hw/xfree86/modes/xf86Cursors.c
index acf34c1..5a4d0f6 100644
--- a/hw/xfree86/modes/xf86Cursors.c
+++ b/hw/xfree86/modes/xf86Cursors.c
@@ -400,7 +400,7 @@ xf86_crtc_load_cursor_image (xf86CrtcPtr crtc, CARD8 *src)
int flags = cursor_info->Flags;
cursor_image = xf86_config->cursor_image;
- memset(cursor_image, 0, cursor_info->MaxWidth * stride);
+ memset(cursor_image, 0, cursor_info->MaxHeight * stride);
for (y = 0; y < cursor_info->MaxHeight; y++)
for (x = 0; x < cursor_info->MaxWidth; x++)
commit e6ea3147bfb686798dac381eb8900f9f18beb88e
Author: Bernardo Innocenti <bernie at codewiz.org>
Date: Sun Jan 13 19:50:37 2008 -0500
exa: make the prototype for exaGetPixmapFirstPixel() public
This fixes a warning in amd_drv which is using it.
Signed-off-by: Bernardo Innocenti <bernie at codewiz.org>
diff --git a/exa/exa.h b/exa/exa.h
index 1ff0518..0774a70 100644
--- a/exa/exa.h
+++ b/exa/exa.h
@@ -790,6 +790,9 @@ exaMoveOutPixmap (PixmapPtr pPixmap);
void *
exaGetPixmapDriverPrivate(PixmapPtr p);
+CARD32
+exaGetPixmapFirstPixel (PixmapPtr pPixmap);
+
/**
* Returns TRUE if the given planemask covers all the significant bits in the
* pixel values for pDrawable.
diff --git a/exa/exa_priv.h b/exa/exa_priv.h
index de8b2f5..89f4718 100644
--- a/exa/exa_priv.h
+++ b/exa/exa_priv.h
@@ -291,9 +291,6 @@ ExaCheckGetSpans (DrawablePtr pDrawable,
int nspans,
char *pdstStart);
-CARD32
-exaGetPixmapFirstPixel (PixmapPtr pPixmap);
-
/* exa_accel.c */
static _X_INLINE Bool
commit 180a5aba4de3104fed8bc4e7d42a1e3a51575318
Author: Jeremy Huddleston <jeremy at yuffie.local>
Date: Sat Jan 12 21:24:34 2008 -0800
XQuartz: Fixed copy-paste error with login_shell commit
(cherry picked from commit 6deec3acc6f8010b5b53a1e55a0a2c4080ba69d2)
diff --git a/hw/xquartz/X11Controller.m b/hw/xquartz/X11Controller.m
index e13edc1..d3f8365 100644
--- a/hw/xquartz/X11Controller.m
+++ b/hw/xquartz/X11Controller.m
@@ -302,7 +302,7 @@
argv[0] = "/usr/bin/login";
argv[1] = "-fp";
argv[2] = getlogin();
- argv[3] = [X11App prefs_get_string:@PREFS_FAKE_BUTTON2 default:"/bin/sh"];
+ argv[3] = [X11App prefs_get_string:@PREFS_LOGIN_SHELL default:"/bin/sh"];
argv[4] = "-c";
argv[5] = command;
argv[6] = NULL;
commit 6fd4a5e2e4d0be0ba0773df831687e11e1262c72
Author: Jeremy Huddleston <jeremy at yuffie.local>
Date: Sat Jan 12 11:56:00 2008 -0800
XQuartz: Corrected copyright X.org Project -> X.org Foundation
(cherry picked from commit f21631444816fc12b8a534c2cf79e6ac6c2af7c9)
diff --git a/hw/xquartz/bundle/Info.plist b/hw/xquartz/bundle/Info.plist
index 5babdfe..6ba02dd 100644
--- a/hw/xquartz/bundle/Info.plist
+++ b/hw/xquartz/bundle/Info.plist
@@ -27,7 +27,7 @@
<key>NSHumanReadableCopyright</key>
<string>Copyright © 2003-2008, Apple Inc.
Copyright © 2003, XFree86 Project, Inc.
-Copyright © 2003-2008, X.org Project, Inc.
+Copyright © 2003-2008, X.org Foundation, Inc.
</string>
<key>NSMainNibFile</key>
<string>main</string>
commit f72255639c065d795f7767683e851b1b5b2d9480
Author: Jeremy Huddleston <jeremy at yuffie.local>
Date: Sat Jan 12 11:35:48 2008 -0800
XQuartz: added 'login_shell' option to defaults
so the user can choose something other than /bin/sh
(cherry picked from commit b549cf18cebd3435d70f62855239484974c455a1)
diff --git a/hw/xquartz/X11Application.h b/hw/xquartz/X11Application.h
index a1be751..af5aea2 100644
--- a/hw/xquartz/X11Application.h
+++ b/hw/xquartz/X11Application.h
@@ -97,5 +97,6 @@ extern int quartzHasRoot, quartzEnableRootless;
#define PREFS_SWAP_ALT_META "swap_alt_meta"
#define PREFS_XP_OPTIONS "xp_options"
#define PREFS_ENABLE_STEREO "enable_stereo"
+#define PREFS_LOGIN_SHELL "login_shell"
#endif /* X11APPLICATION_H */
diff --git a/hw/xquartz/X11Controller.m b/hw/xquartz/X11Controller.m
index 6b7c351..e13edc1 100644
--- a/hw/xquartz/X11Controller.m
+++ b/hw/xquartz/X11Controller.m
@@ -302,7 +302,7 @@
argv[0] = "/usr/bin/login";
argv[1] = "-fp";
argv[2] = getlogin();
- argv[3] = "/bin/sh";
+ argv[3] = [X11App prefs_get_string:@PREFS_FAKE_BUTTON2 default:"/bin/sh"];
argv[4] = "-c";
argv[5] = command;
argv[6] = NULL;
diff --git a/hw/xquartz/bundle/Makefile.am b/hw/xquartz/bundle/Makefile.am
index 9511670..00d540f 100644
--- a/hw/xquartz/bundle/Makefile.am
+++ b/hw/xquartz/bundle/Makefile.am
@@ -18,8 +18,6 @@ EXTRA_DIST = \
Info.plist \
X11.icns \
bundle-main.c \
- launcher-main.c \
- server-main.c \
English.lproj/InfoPlist.strings \
English.lproj/Localizable.strings \
English.lproj/main.nib/classes.nib \
diff --git a/hw/xquartz/bundle/bundle-main.c b/hw/xquartz/bundle/bundle-main.c
index df78d7f..54d0136 100644
--- a/hw/xquartz/bundle/bundle-main.c
+++ b/hw/xquartz/bundle/bundle-main.c
@@ -38,6 +38,7 @@
#define DEFAULT_CLIENT "/usr/X11/bin/xterm"
#define DEFAULT_STARTX "/usr/X11/bin/startx"
+#define DEFAULT_SHELL "/bin/sh"
static int execute(const char *command);
static char *command_from_prefs(const char *key, const char *default_value);
@@ -82,7 +83,7 @@ static int execute(const char *command) {
newargv[0] = "/usr/bin/login";
newargv[1] = "-fp";
newargv[2] = getlogin();
- newargv[3] = "/bin/sh";
+ newargv[3] = command_from_prefs("login_shell", DEFAULT_SHELL);
newargv[4] = "-c";
newargv[5] = command;
newargv[6] = NULL;
commit ec24a6b5aa732ec6999a27889d9a33cf80123886
Author: Jeremy Huddleston <jeremy at yuffie.local>
Date: Sun Jan 6 18:29:54 2008 -0800
XQuartz: Fixed switching into XQuartz via expose.
(cherry picked from commit 627ed60ce5d7499761028edf379ebd95250d3e04)
diff --git a/hw/xquartz/X11Application.m b/hw/xquartz/X11Application.m
index 72537bb..f688985 100644
--- a/hw/xquartz/X11Application.m
+++ b/hw/xquartz/X11Application.m
@@ -164,7 +164,7 @@ static void message_kit_thread (SEL selector, NSObject *arg) {
have it activated while X is active (unless using the old
keymapping files) */
static TSMDocumentID x11_document;
-
+ DEBUG_LOG("state=%d, _x_active=%d, \n", state, _x_active)
if (state) {
QuartzMessageServerThread (kXDarwinActivate, 0);
@@ -314,6 +314,7 @@ static void message_kit_thread (SEL selector, NSObject *arg) {
}
- (void) set_front_process:unused {
+// [self activateX:YES];
QuartzMessageServerThread(kXDarwinBringAllToFront, 0);
}
@@ -710,6 +711,10 @@ void X11ApplicationSetWindowMenuCheck (int idx) {
void X11ApplicationSetFrontProcess (void) {
message_kit_thread (@selector (set_front_process:), nil);
+
+ /* Hackery needed due to argv[0] hackery */
+ ProcessSerialNumber psn = { 0, kCurrentProcess };
+ SetFrontProcess(&psn);
}
void X11ApplicationSetCanQuit (int state) {
commit 6844bd2e63490870bab3c469eec6030354ef2865
Author: Alan Coopersmith <alan.coopersmith at sun.com>
Date: Wed Jan 9 19:52:00 2008 -0800
More Xv extension byte swapping fixes
diff --git a/Xext/xvdisp.c b/Xext/xvdisp.c
index 17ff1d7..237ad51 100644
--- a/Xext/xvdisp.c
+++ b/Xext/xvdisp.c
@@ -1532,6 +1532,7 @@ SProcXvShmPutImage(ClientPtr client)
swapl(&stuff->gc, n);
swapl(&stuff->shmseg, n);
swapl(&stuff->id, n);
+ swapl(&stuff->offset, n);
swaps(&stuff->src_x, n);
swaps(&stuff->src_y, n);
swaps(&stuff->src_w, n);
@@ -1540,7 +1541,6 @@ SProcXvShmPutImage(ClientPtr client)
swaps(&stuff->drw_y, n);
swaps(&stuff->drw_w, n);
swaps(&stuff->drw_h, n);
- swaps(&stuff->offset, n);
swaps(&stuff->width, n);
swaps(&stuff->height, n);
return XvProcVector[xv_ShmPutImage](client);
@@ -1632,9 +1632,10 @@ SProcXvQueryImageAttributes(ClientPtr client)
char n;
REQUEST(xvQueryImageAttributesReq);
swaps(&stuff->length, n);
+ swapl(&stuff->port, n);
swapl(&stuff->id, n);
swaps(&stuff->width, n);
- swaps(&stuff->width, n);
+ swaps(&stuff->height, n);
return XvProcVector[xv_QueryImageAttributes](client);
}
More information about the xorg-commit
mailing list