xserver: Branch 'master' - 4 commits
Adam Jackson
ajax at kemper.freedesktop.org
Wed Mar 21 15:16:48 UTC 2018
glx/glxdricommon.c | 38 +++++++++++++++++++++--
hw/xfree86/common/xf86Config.c | 2 -
hw/xfree86/common/xf86Init.c | 65 ++---------------------------------------
include/os.h | 3 +
os/utils.c | 65 ++++++++++++++++++++++++++++++++++++++++-
5 files changed, 106 insertions(+), 67 deletions(-)
New commits:
commit 319af6f471912160ab3eb6395ef50f9950063d43
Author: Nicolai Hähnle <nicolai.haehnle at amd.com>
Date: Tue Mar 13 17:46:37 2018 -0400
glx: honor LIBGL_DRIVERS_PATH when loading DRI drivers
Allow switching to another driver build without a full installation.
Glamor already takes LIBGL_DRIVERS_PATH into account, so this change
makes sure that the same driver is used in both parts of the server.
Signed-off-by: Nicolai Hähnle <nicolai.haehnle at amd.com>
Reviewed-by: Ben Crocker <bcrocker at redhat.com>
Reviewed-by: Antoine Martin <antoine at nagafix.co.uk>
Tested-by: Ben Crocker <bcrocker at redhat.com>
diff --git a/glx/glxdricommon.c b/glx/glxdricommon.c
index a16e72849..a6602f930 100644
--- a/glx/glxdricommon.c
+++ b/glx/glxdricommon.c
@@ -272,14 +272,44 @@ glxProbeDriver(const char *driverName,
char filename[PATH_MAX];
char *get_extensions_name;
const __DRIextension **extensions = NULL;
+ const char *path = NULL;
+
+ /* Search in LIBGL_DRIVERS_PATH if we're not setuid. */
+ if (!PrivsElevated())
+ path = getenv("LIBGL_DRIVERS_PATH");
+
+ if (!path)
+ path = dri_driver_path;
+
+ do {
+ const char *next;
+ int path_len;
+
+ next = strchr(path, ':');
+ if (next) {
+ path_len = next - path;
+ next++;
+ } else {
+ path_len = strlen(path);
+ next = NULL;
+ }
- snprintf(filename, sizeof filename, "%s/%s_dri.so",
- dri_driver_path, driverName);
+ snprintf(filename, sizeof filename, "%.*s/%s_dri.so", path_len, path,
+ driverName);
+
+ driver = dlopen(filename, RTLD_LAZY | RTLD_LOCAL);
+ if (driver != NULL)
+ break;
- driver = dlopen(filename, RTLD_LAZY | RTLD_LOCAL);
- if (driver == NULL) {
LogMessage(X_ERROR, "AIGLX error: dlopen of %s failed (%s)\n",
filename, dlerror());
+
+ path = next;
+ } while (path);
+
+ if (driver == NULL) {
+ LogMessage(X_ERROR, "AIGLX error: unable to load driver %s\n",
+ driverName);
goto cleanup_failure;
}
commit 75a869a4e7c06072380931b714ac83b1037d3bbe
Author: Nicolai Hähnle <nicolai.haehnle at amd.com>
Date: Tue Mar 13 17:46:36 2018 -0400
xfree86: replace all uses of xf86PrivsElevated with PrivsElevated
[... but leave it defined and exported, since we're ABI-frozen - ajax]
Signed-off-by: Nicolai Hähnle <nicolai.haehnle at amd.com>
Reviewed-by: Ben Crocker <bcrocker at redhat.com>
Reviewed-by: Antoine Martin <antoine at nagafix.co.uk>
Tested-by: Ben Crocker <bcrocker at redhat.com>
restore abi
diff --git a/hw/xfree86/common/xf86Config.c b/hw/xfree86/common/xf86Config.c
index 2f72c2f76..05991d319 100644
--- a/hw/xfree86/common/xf86Config.c
+++ b/hw/xfree86/common/xf86Config.c
@@ -2275,7 +2275,7 @@ xf86HandleConfigFile(Bool autoconfig)
MessageType filefrom = X_DEFAULT;
MessageType dirfrom = X_DEFAULT;
- if (!xf86PrivsElevated()) {
+ if (!PrivsElevated()) {
filesearch = ALL_CONFIGPATH;
dirsearch = ALL_CONFIGDIRPATH;
}
diff --git a/hw/xfree86/common/xf86Init.c b/hw/xfree86/common/xf86Init.c
index 88d202463..0663186b6 100644
--- a/hw/xfree86/common/xf86Init.c
+++ b/hw/xfree86/common/xf86Init.c
@@ -853,7 +853,7 @@ OsVendorInit(void)
#ifdef O_NONBLOCK
if (!beenHere) {
- if (xf86PrivsElevated()) {
+ if (PrivsElevated()) {
int status;
status = fcntl(fileno(stderr), F_GETFL, 0);
@@ -1002,7 +1002,7 @@ xf86PrintDefaultLibraryPath(void)
static void
xf86CheckPrivs(const char *option, const char *arg)
{
- if (xf86PrivsElevated() && !xf86PathIsSafe(arg)) {
+ if (PrivsElevated() && !xf86PathIsSafe(arg)) {
FatalError("\nInvalid argument for %s - \"%s\"\n"
"\tWith elevated privileges %s must specify a relative path\n"
"\twithout any \"..\" elements.\n\n", option, arg, option);
@@ -1299,7 +1299,7 @@ ddxUseMsg(void)
ErrorF("\n");
ErrorF("\n");
ErrorF("Device Dependent Usage\n");
- if (!xf86PrivsElevated()) {
+ if (!PrivsElevated()) {
ErrorF("-modulepath paths specify the module search path\n");
ErrorF("-logfile file specify a log file name\n");
ErrorF("-configure probe for devices and write an "
commit 1b6910af12cfefcc293be2f4144986fe3b56a36b
Author: Nicolai Hähnle <nicolai.haehnle at amd.com>
Date: Tue Mar 13 17:46:35 2018 -0400
os: use PrivsElevated instead of a manual check
Signed-off-by: Nicolai Hähnle <nicolai.haehnle at amd.com>
Reviewed-by: Ben Crocker <bcrocker at redhat.com>
Reviewed-by: Antoine Martin <antoine at nagafix.co.uk>
Tested-by: Ben Crocker <bcrocker at redhat.com>
diff --git a/os/utils.c b/os/utils.c
index 4305dab26..6e3c16869 100644
--- a/os/utils.c
+++ b/os/utils.c
@@ -1863,7 +1863,7 @@ CheckUserParameters(int argc, char **argv, char **envp)
char *a, *e = NULL;
#if CHECK_EUID
- if (geteuid() == 0 && getuid() != geteuid())
+ if (PrivsElevated())
#endif
{
/* Check each argv[] */
commit 9ef602de46de2beae1d6231dc72a1a783a26122f
Author: Nicolai Hähnle <nicolai.haehnle at amd.com>
Date: Tue Mar 13 17:46:34 2018 -0400
os: move xf86PrivsElevated here
Having different types of code all trying to check for elevated privileges
is a bad idea. This implementation is the most thorough one.
Signed-off-by: Nicolai Hähnle <nicolai.haehnle at amd.com>
Reviewed-by: Ben Crocker <bcrocker at redhat.com>
Reviewed-by: Antoine Martin <antoine at nagafix.co.uk>
Tested-by: Ben Crocker <bcrocker at redhat.com>
Reviewed-by: Emil Velikov <emil.velikov at collabora.com>
diff --git a/hw/xfree86/common/xf86Init.c b/hw/xfree86/common/xf86Init.c
index cdbf80c61..88d202463 100644
--- a/hw/xfree86/common/xf86Init.c
+++ b/hw/xfree86/common/xf86Init.c
@@ -238,64 +238,7 @@ xf86PrintBanner(void)
Bool
xf86PrivsElevated(void)
{
- static Bool privsTested = FALSE;
- static Bool privsElevated = TRUE;
-
- if (!privsTested) {
-#if defined(WIN32)
- privsElevated = FALSE;
-#else
- if ((getuid() != geteuid()) || (getgid() != getegid())) {
- privsElevated = TRUE;
- }
- else {
-#if defined(HAVE_ISSETUGID)
- privsElevated = issetugid();
-#elif defined(HAVE_GETRESUID)
- uid_t ruid, euid, suid;
- gid_t rgid, egid, sgid;
-
- if ((getresuid(&ruid, &euid, &suid) == 0) &&
- (getresgid(&rgid, &egid, &sgid) == 0)) {
- privsElevated = (euid != suid) || (egid != sgid);
- }
- else {
- printf("Failed getresuid or getresgid");
- /* Something went wrong, make defensive assumption */
- privsElevated = TRUE;
- }
-#else
- if (getuid() == 0) {
- /* running as root: uid==euid==0 */
- privsElevated = FALSE;
- }
- else {
- /*
- * If there are saved ID's the process might still be privileged
- * even though the above test succeeded. If issetugid() and
- * getresgid() aren't available, test this by trying to set
- * euid to 0.
- */
- unsigned int oldeuid;
-
- oldeuid = geteuid();
-
- if (seteuid(0) != 0) {
- privsElevated = FALSE;
- }
- else {
- if (seteuid(oldeuid) != 0) {
- FatalError("Failed to drop privileges. Exiting\n");
- }
- privsElevated = TRUE;
- }
- }
-#endif
- }
-#endif
- privsTested = TRUE;
- }
- return privsElevated;
+ return PrivsElevated();
}
static void
diff --git a/include/os.h b/include/os.h
index c956378b2..3646194a0 100644
--- a/include/os.h
+++ b/include/os.h
@@ -366,6 +366,9 @@ System(const char *cmdline);
#define Fclose(a) fclose(a)
#endif
+extern _X_EXPORT Bool
+PrivsElevated(void);
+
extern _X_EXPORT void
CheckUserParameters(int argc, char **argv, char **envp);
extern _X_EXPORT void
diff --git a/os/utils.c b/os/utils.c
index 4a8d1249f..4305dab26 100644
--- a/os/utils.c
+++ b/os/utils.c
@@ -1719,6 +1719,69 @@ System(const char *cmdline)
}
#endif
+Bool
+PrivsElevated(void)
+{
+ static Bool privsTested = FALSE;
+ static Bool privsElevated = TRUE;
+
+ if (!privsTested) {
+#if defined(WIN32)
+ privsElevated = FALSE;
+#else
+ if ((getuid() != geteuid()) || (getgid() != getegid())) {
+ privsElevated = TRUE;
+ }
+ else {
+#if defined(HAVE_ISSETUGID)
+ privsElevated = issetugid();
+#elif defined(HAVE_GETRESUID)
+ uid_t ruid, euid, suid;
+ gid_t rgid, egid, sgid;
+
+ if ((getresuid(&ruid, &euid, &suid) == 0) &&
+ (getresgid(&rgid, &egid, &sgid) == 0)) {
+ privsElevated = (euid != suid) || (egid != sgid);
+ }
+ else {
+ printf("Failed getresuid or getresgid");
+ /* Something went wrong, make defensive assumption */
+ privsElevated = TRUE;
+ }
+#else
+ if (getuid() == 0) {
+ /* running as root: uid==euid==0 */
+ privsElevated = FALSE;
+ }
+ else {
+ /*
+ * If there are saved ID's the process might still be privileged
+ * even though the above test succeeded. If issetugid() and
+ * getresgid() aren't available, test this by trying to set
+ * euid to 0.
+ */
+ unsigned int oldeuid;
+
+ oldeuid = geteuid();
+
+ if (seteuid(0) != 0) {
+ privsElevated = FALSE;
+ }
+ else {
+ if (seteuid(oldeuid) != 0) {
+ FatalError("Failed to drop privileges. Exiting\n");
+ }
+ privsElevated = TRUE;
+ }
+ }
+#endif
+ }
+#endif
+ privsTested = TRUE;
+ }
+ return privsElevated;
+}
+
/*
* CheckUserParameters: check for long command line arguments and long
* environment variables. By default, these checks are only done when
More information about the xorg-commit
mailing list