configure.ac | 14 +++++--- debian/changelog | 19 +++++++++-- debian/control | 4 +- debian/patches/series | 1 debian/patches/xmir-fixes.diff | 61 ------------------------------------ debian/patches/xmir.patch | 34 ++------------------ debian/xserver-xorg-core.bug.script | 4 +- dix/pixmap.c | 31 ++++++++++++++---- glamor/glamor_render.c | 4 ++ hw/xfree86/ramdac/xf86HWCurs.c | 55 ++++++++++++++++++++++++-------- hw/xwayland/xwayland-cvt.c | 7 ++++ hw/xwayland/xwayland-input.c | 11 +++--- hw/xwayland/xwayland-output.c | 37 ++++++++++++++------- include/dix-config.h.in | 9 +++++ include/input.h | 1 include/os.h | 5 ++ miext/damage/damage.c | 10 +++++ os/auth.c | 14 +++++--- os/inputthread.c | 8 ++++ os/io.c | 3 + os/mitauth.c | 15 -------- os/osdep.h | 6 --- os/rpcauth.c | 6 --- os/timingsafe_memcmp.c | 48 ++++++++++++++++++++++++++++ os/xdmauth.c | 27 --------------- present/present.c | 4 -- 26 files changed, 236 insertions(+), 202 deletions(-)
New commits: commit 226e96c5ac54d35bb8fddb6ad6b84a6b46284b7a Author: Timo Aaltonen <[email protected]> Date: Mon Mar 6 14:21:37 2017 +0200 release to zesty diff --git a/debian/changelog b/debian/changelog index 37aa34f..435d219 100644 --- a/debian/changelog +++ b/debian/changelog @@ -1,4 +1,4 @@ -xorg-server (2:1.19.2-1ubuntu1) UNRELEASED; urgency=medium +xorg-server (2:1.19.2-1ubuntu1) zesty; urgency=medium [ Timo Aaltonen ] * Merge from Debian experimental. @@ -23,7 +23,7 @@ xorg-server (2:1.19.2-1ubuntu1) UNRELEASED; urgency=medium - Support both Mir 0.24, 0.25 and 0.26 client APIs - Fix crashing on arm64 (LP: #1642297) - -- Robert Ancell <[email protected]> Thu, 17 Nov 2016 15:25:26 +1300 + -- Timo Aaltonen <[email protected]> Mon, 06 Mar 2017 14:13:12 +0200 xorg-server (2:1.19.2-1) unstable; urgency=medium commit 65d4d12567c1f7b2e465915bb6a4e4946d88570d Author: Timo Aaltonen <[email protected]> Date: Mon Mar 6 14:09:27 2017 +0200 xmir-fixes.diff: merged to xmir.patch diff --git a/debian/changelog b/debian/changelog index ea36198..37aa34f 100644 --- a/debian/changelog +++ b/debian/changelog @@ -15,7 +15,6 @@ xorg-server (2:1.19.2-1ubuntu1) UNRELEASED; urgency=medium to confflags. * 232-xf86compatoutput-valgrind.patch: This was added upstream already, no need to carry a duplicate check. - * xmir-fixes.diff: Port to new glamor api. [ Robert Ancell ] * debian/patches/xmir.patch: diff --git a/debian/patches/series b/debian/patches/series index a00f624..4cc977d 100644 --- a/debian/patches/series +++ b/debian/patches/series @@ -44,4 +44,3 @@ disable-rotation-transform-gpuscreens.patch xmir.patch xi2-resize-touch.patch randr-do-not-check-the-screen-size.diff -xmir-fixes.diff diff --git a/debian/patches/xmir-fixes.diff b/debian/patches/xmir-fixes.diff deleted file mode 100644 index 5500dcb..0000000 --- a/debian/patches/xmir-fixes.diff +++ /dev/null @@ -1,61 +0,0 @@ ---- a/hw/xmir/xmir-glamor.c -+++ b/hw/xmir/xmir-glamor.c -@@ -245,11 +245,6 @@ xmir_glamor_copy_egl_tex(int fbo, Drawab - glVertexAttribPointer(GLAMOR_VERTEX_SOURCE, 2, GL_FLOAT, GL_FALSE, - 2 * sizeof(float), texcoords); - glEnableVertexAttribArray(GLAMOR_VERTEX_SOURCE); -- if (!fbo) { -- glUseProgram(glamor_priv->finish_access_prog[0]); -- glUniform1i(glamor_priv->finish_access_revert[0], REVERT_NONE); -- glUniform1i(glamor_priv->finish_access_swap_rb[0], SWAP_NONE_UPLOADING); -- } - - if (!swap_xy) { - float _tx1, _tx2, _ty1, _ty2; -@@ -606,7 +601,6 @@ xmir_glamor_copy_egl_queue(struct xmir_s - * rotating back and forth. - */ - glamor_set_pixmap_type(src_pixmap, GLAMOR_TEXTURE_DRM); -- src_pixmap_priv->fbo->external = TRUE; - - xmir_win->image = eglCreateImageKHR(xmir_screen->egl_display, xmir_screen->egl_context, EGL_GL_TEXTURE_2D_KHR, (EGLClientBuffer)(intptr_t)src_pixmap_priv->fbo->tex, attribs); - if (!xmir_win->image) { -@@ -931,12 +925,6 @@ xmir_glamor_fini(struct xmir_screen *xmi - free(xmir_screen->device_name); - } - --void --glamor_egl_destroy_textured_pixmap(PixmapPtr pixmap) --{ -- glamor_destroy_textured_pixmap(pixmap); --} -- - static void - xmir_glamor_get_name_from_bo(int drm_fd, struct gbm_bo *bo, int *name) - { -@@ -1025,12 +1013,6 @@ glamor_egl_dri3_fd_name_from_tex(ScreenP - return fd; - } - --unsigned int --glamor_egl_create_argb8888_based_texture(ScreenPtr screen, int w, int h, Bool linear) --{ -- return 0; --} -- - static PixmapPtr - xmir_glamor_create_pixmap(ScreenPtr screen, - int width, int height, int depth, unsigned int hint) -@@ -1111,12 +1093,6 @@ free: - return glamor_create_pixmap(screen, width, height, depth, hint); - } - --void --glamor_egl_destroy_pixmap_image(PixmapPtr pixmap) --{ -- /* XXX: Unused */ --} -- - static Bool - xmir_glamor_destroy_pixmap(PixmapPtr pixmap) - { diff --git a/debian/patches/xmir.patch b/debian/patches/xmir.patch index bd9ded9..955bd6a 100644 --- a/debian/patches/xmir.patch +++ b/debian/patches/xmir.patch @@ -49,7 +49,7 @@ Contributions from: --- a/configure.ac +++ b/configure.ac -@@ -654,6 +654,7 @@ AC_ARG_ENABLE(xvfb, AS_HELP_ST +@@ -658,6 +658,7 @@ AC_ARG_ENABLE(xvfb, AS_HELP_ST AC_ARG_ENABLE(xnest, AS_HELP_STRING([--enable-xnest], [Build Xnest server (default: auto)]), [XNEST=$enableval], [XNEST=auto]) AC_ARG_ENABLE(xquartz, AS_HELP_STRING([--enable-xquartz], [Build Xquartz server for OS-X (default: auto)]), [XQUARTZ=$enableval], [XQUARTZ=auto]) AC_ARG_ENABLE(xwayland, AS_HELP_STRING([--enable-xwayland], [Build Xwayland server (default: auto)]), [XWAYLAND=$enableval], [XWAYLAND=auto]) @@ -57,7 +57,7 @@ Contributions from: AC_ARG_ENABLE(standalone-xpbproxy, AS_HELP_STRING([--enable-standalone-xpbproxy], [Build a standalone xpbproxy (in addition to the one integrated into Xquartz as a separate thread) (default: no)]), [STANDALONE_XPBPROXY=$enableval], [STANDALONE_XPBPROXY=no]) AC_ARG_ENABLE(xwin, AS_HELP_STRING([--enable-xwin], [Build XWin server (default: auto)]), [XWIN=$enableval], [XWIN=auto]) AC_ARG_ENABLE(glamor, AS_HELP_STRING([--enable-glamor], [Build glamor dix module (default: auto)]), [GLAMOR=$enableval], [GLAMOR=auto]) -@@ -772,6 +773,7 @@ case $host_os in +@@ -776,6 +777,7 @@ case $host_os in XVFB=no XNEST=no XWAYLAND=no @@ -65,7 +65,7 @@ Contributions from: COMPOSITE=no DGA=no -@@ -2553,6 +2555,27 @@ if test "x$XWAYLAND" = xyes; then +@@ -2557,6 +2559,27 @@ if test "x$XWAYLAND" = xyes; then AC_SUBST(WAYLAND_PROTOCOLS_DATADIR, `$PKG_CONFIG --variable=pkgdatadir wayland-protocols`) fi @@ -93,7 +93,7 @@ Contributions from: dnl and the rest of these are generic, so they're in config.h dnl -@@ -2702,6 +2725,8 @@ hw/kdrive/fbdev/Makefile +@@ -2706,6 +2729,8 @@ hw/kdrive/fbdev/Makefile hw/kdrive/linux/Makefile hw/kdrive/src/Makefile hw/xwayland/Makefile @@ -3798,7 +3798,7 @@ Contributions from: +} --- /dev/null +++ b/hw/xmir/xmir-glamor.c -@@ -0,0 +1,1180 @@ +@@ -0,0 +1,1156 @@ +/* + * Copyright © 2015-2017 Canonical Ltd + * @@ -4046,11 +4046,6 @@ Contributions from: + glVertexAttribPointer(GLAMOR_VERTEX_SOURCE, 2, GL_FLOAT, GL_FALSE, + 2 * sizeof(float), texcoords); + glEnableVertexAttribArray(GLAMOR_VERTEX_SOURCE); -+ if (!fbo) { -+ glUseProgram(glamor_priv->finish_access_prog[0]); -+ glUniform1i(glamor_priv->finish_access_revert[0], REVERT_NONE); -+ glUniform1i(glamor_priv->finish_access_swap_rb[0], SWAP_NONE_UPLOADING); -+ } + + if (!swap_xy) { + float _tx1, _tx2, _ty1, _ty2; @@ -4407,7 +4402,6 @@ Contributions from: + * rotating back and forth. + */ + glamor_set_pixmap_type(src_pixmap, GLAMOR_TEXTURE_DRM); -+ src_pixmap_priv->fbo->external = TRUE; + + xmir_win->image = eglCreateImageKHR(xmir_screen->egl_display, xmir_screen->egl_context, EGL_GL_TEXTURE_2D_KHR, (EGLClientBuffer)(intptr_t)src_pixmap_priv->fbo->tex, attribs); + if (!xmir_win->image) { @@ -4732,12 +4726,6 @@ Contributions from: + free(xmir_screen->device_name); +} + -+void -+glamor_egl_destroy_textured_pixmap(PixmapPtr pixmap) -+{ -+ glamor_destroy_textured_pixmap(pixmap); -+} -+ +static void +xmir_glamor_get_name_from_bo(int drm_fd, struct gbm_bo *bo, int *name) +{ @@ -4826,12 +4814,6 @@ Contributions from: + return fd; +} + -+unsigned int -+glamor_egl_create_argb8888_based_texture(ScreenPtr screen, int w, int h, Bool linear) -+{ -+ return 0; -+} -+ +static PixmapPtr +xmir_glamor_create_pixmap(ScreenPtr screen, + int width, int height, int depth, unsigned int hint) @@ -4912,12 +4894,6 @@ Contributions from: + return glamor_create_pixmap(screen, width, height, depth, hint); +} + -+void -+glamor_egl_destroy_pixmap_image(PixmapPtr pixmap) -+{ -+ /* XXX: Unused */ -+} -+ +static Bool +xmir_glamor_destroy_pixmap(PixmapPtr pixmap) +{ commit e71663e12630be682a8b914108867389aad980ba Author: Timo Aaltonen <[email protected]> Date: Mon Mar 6 13:41:30 2017 +0200 bump the version diff --git a/debian/changelog b/debian/changelog index 31ed9fe..ea36198 100644 --- a/debian/changelog +++ b/debian/changelog @@ -1,18 +1,4 @@ -xorg-server (2:1.19.2-1) unstable; urgency=medium - - [ Andreas Boll ] - * xserver-xorg-core.bug.script: Change udevadm path from /sbin to /bin - (Closes: #852584). - - [ Emilio Pozuelo Monfort ] - * New upstream stable release. - - CVE-2017-2624: Timing attack against MIT cookie. Closes: #856398. - * control: Build-depend on libbsd-dev everywhere, needed for - arc4random_buf for the above fix. - - -- Emilio Pozuelo Monfort <[email protected]> Fri, 03 Mar 2017 15:41:15 +0100 - -xorg-server (2:1.19.1-4ubuntu1) UNRELEASED; urgency=medium +xorg-server (2:1.19.2-1ubuntu1) UNRELEASED; urgency=medium [ Timo Aaltonen ] * Merge from Debian experimental. @@ -40,6 +26,20 @@ xorg-server (2:1.19.1-4ubuntu1) UNRELEASED; urgency=medium -- Robert Ancell <[email protected]> Thu, 17 Nov 2016 15:25:26 +1300 +xorg-server (2:1.19.2-1) unstable; urgency=medium + + [ Andreas Boll ] + * xserver-xorg-core.bug.script: Change udevadm path from /sbin to /bin + (Closes: #852584). + + [ Emilio Pozuelo Monfort ] + * New upstream stable release. + - CVE-2017-2624: Timing attack against MIT cookie. Closes: #856398. + * control: Build-depend on libbsd-dev everywhere, needed for + arc4random_buf for the above fix. + + -- Emilio Pozuelo Monfort <[email protected]> Fri, 03 Mar 2017 15:41:15 +0100 + xorg-server (2:1.19.1-4) unstable; urgency=medium * rules: Only set the suid bit on Xorg.wrap when building arch:any commit 5bc13f1688915fa6cee157191fc7736dab693761 Author: Emilio Pozuelo Monfort <[email protected]> Date: Fri Mar 3 15:41:19 2017 +0100 Release to unstable diff --git a/debian/changelog b/debian/changelog index 530fd81..8b216c9 100644 --- a/debian/changelog +++ b/debian/changelog @@ -1,4 +1,4 @@ -xorg-server (2:1.19.2-1) UNRELEASED; urgency=medium +xorg-server (2:1.19.2-1) unstable; urgency=medium [ Andreas Boll ] * xserver-xorg-core.bug.script: Change udevadm path from /sbin to /bin @@ -10,7 +10,7 @@ xorg-server (2:1.19.2-1) UNRELEASED; urgency=medium * control: Build-depend on libbsd-dev everywhere, needed for arc4random_buf for the above fix. - -- Andreas Boll <[email protected]> Wed, 25 Jan 2017 16:14:03 +0100 + -- Emilio Pozuelo Monfort <[email protected]> Fri, 03 Mar 2017 15:41:15 +0100 xorg-server (2:1.19.1-4) unstable; urgency=medium commit 7a7b6f81f5361213d67a35aa9cf1d601fdb1da42 Author: Emilio Pozuelo Monfort <[email protected]> Date: Fri Mar 3 14:19:15 2017 +0100 Build-depend on libbsd-dev everywhere diff --git a/debian/changelog b/debian/changelog index 2e945a9..530fd81 100644 --- a/debian/changelog +++ b/debian/changelog @@ -7,6 +7,8 @@ xorg-server (2:1.19.2-1) UNRELEASED; urgency=medium [ Emilio Pozuelo Monfort ] * New upstream stable release. - CVE-2017-2624: Timing attack against MIT cookie. Closes: #856398. + * control: Build-depend on libbsd-dev everywhere, needed for + arc4random_buf for the above fix. -- Andreas Boll <[email protected]> Wed, 25 Jan 2017 16:14:03 +0100 diff --git a/debian/control b/debian/control index fd230a5..ccbefd6 100644 --- a/debian/control +++ b/debian/control @@ -92,8 +92,8 @@ Build-Depends: # unit tests xkb-data, x11-xkb-utils, -# getpeereid() - libbsd-dev [kfreebsd-any], +# arc4random_buf(), getpeereid() + libbsd-dev, # xwayland libwayland-dev [linux-any], wayland-protocols (>= 1.1) [linux-any], commit add8c9b8797f1155ab1cc8e6d60483370bb801a1 Author: Emilio Pozuelo Monfort <[email protected]> Date: Fri Mar 3 14:14:19 2017 +0100 New upstream release diff --git a/debian/changelog b/debian/changelog index 363a461..2e945a9 100644 --- a/debian/changelog +++ b/debian/changelog @@ -1,8 +1,13 @@ -xorg-server (2:1.19.1-5) UNRELEASED; urgency=medium +xorg-server (2:1.19.2-1) UNRELEASED; urgency=medium + [ Andreas Boll ] * xserver-xorg-core.bug.script: Change udevadm path from /sbin to /bin (Closes: #852584). + [ Emilio Pozuelo Monfort ] + * New upstream stable release. + - CVE-2017-2624: Timing attack against MIT cookie. Closes: #856398. + -- Andreas Boll <[email protected]> Wed, 25 Jan 2017 16:14:03 +0100 xorg-server (2:1.19.1-4) unstable; urgency=medium commit f23e65f96365706c69fa781b2c6cbf3203619c9f Author: Adam Jackson <[email protected]> Date: Thu Mar 2 17:53:04 2017 -0500 xserver 1.19.2, no, really Signed-off-by: Adam Jackson <[email protected]> diff --git a/configure.ac b/configure.ac index 7ca32f0..a265ab5 100644 --- a/configure.ac +++ b/configure.ac @@ -26,7 +26,7 @@ dnl dnl Process this file with autoconf to create configure. AC_PREREQ(2.60) -AC_INIT([xorg-server], 1.19.1, [https://bugs.freedesktop.org/enter_bug.cgi?product=xorg], xorg-server) +AC_INIT([xorg-server], 1.19.2, [https://bugs.freedesktop.org/enter_bug.cgi?product=xorg], xorg-server) RELEASE_DATE="2017-03-02" RELEASE_NAME="Clam Chowder" AC_CONFIG_SRCDIR([Makefile.am]) commit 96d4df934bb4397a251d7d1f2dc0e1296c2e9bb3 Author: Adam Jackson <[email protected]> Date: Thu Mar 2 15:07:00 2017 -0500 xserver 1.19.2 Signed-off-by: Adam Jackson <[email protected]> diff --git a/configure.ac b/configure.ac index 292694b..7ca32f0 100644 --- a/configure.ac +++ b/configure.ac @@ -27,8 +27,8 @@ dnl Process this file with autoconf to create configure. AC_PREREQ(2.60) AC_INIT([xorg-server], 1.19.1, [https://bugs.freedesktop.org/enter_bug.cgi?product=xorg], xorg-server) -RELEASE_DATE="2017-01-11" -RELEASE_NAME="Maeuntang" +RELEASE_DATE="2017-03-02" +RELEASE_NAME="Clam Chowder" AC_CONFIG_SRCDIR([Makefile.am]) AC_CONFIG_MACRO_DIR([m4]) AM_INIT_AUTOMAKE([foreign dist-bzip2]) commit f4ff7b6b559c3ebf7ec1156d170b3daa0618eec2 Author: Adam Jackson <[email protected]> Date: Thu Mar 2 17:20:30 2017 -0500 os: Squash missing declaration warning for timingsafe_memcmp timingsafe_memcmp.c:21:1: warning: no previous prototype for ‘timingsafe_memcmp’ [-Wmissing-prototypes] timingsafe_memcmp(const void *b1, const void *b2, size_t len) Signed-off-by: Adam Jackson <[email protected]> (cherry picked from commit 5c44169caed811e59a65ba346de1cadb46d266ec) diff --git a/os/timingsafe_memcmp.c b/os/timingsafe_memcmp.c index 36ab362..65679c8 100644 --- a/os/timingsafe_memcmp.c +++ b/os/timingsafe_memcmp.c @@ -16,6 +16,9 @@ #include <limits.h> #include <string.h> +#include <X11/Xfuncproto.h> +#include <dix-config.h> +#include "os.h" int timingsafe_memcmp(const void *b1, const void *b2, size_t len) commit 1aa40b96e2f099eabfeef66e77fff36dbd377aa0 Author: Adam Jackson <[email protected]> Date: Thu Mar 2 15:43:15 2017 -0500 Revert "xserver 1.19.2" Apparently I need to fight make distcheck some more, so let's not pretend this is released yet. This reverts commit 0b4112bc753a5bd5306f0c67e13e26e3f1c72211. diff --git a/configure.ac b/configure.ac index 7ca32f0..292694b 100644 --- a/configure.ac +++ b/configure.ac @@ -27,8 +27,8 @@ dnl Process this file with autoconf to create configure. AC_PREREQ(2.60) AC_INIT([xorg-server], 1.19.1, [https://bugs.freedesktop.org/enter_bug.cgi?product=xorg], xorg-server) -RELEASE_DATE="2017-03-02" -RELEASE_NAME="Clam Chowder" +RELEASE_DATE="2017-01-11" +RELEASE_NAME="Maeuntang" AC_CONFIG_SRCDIR([Makefile.am]) AC_CONFIG_MACRO_DIR([m4]) AM_INIT_AUTOMAKE([foreign dist-bzip2]) commit 0b4112bc753a5bd5306f0c67e13e26e3f1c72211 Author: Adam Jackson <[email protected]> Date: Thu Mar 2 15:07:00 2017 -0500 xserver 1.19.2 Signed-off-by: Adam Jackson <[email protected]> diff --git a/configure.ac b/configure.ac index 292694b..7ca32f0 100644 --- a/configure.ac +++ b/configure.ac @@ -27,8 +27,8 @@ dnl Process this file with autoconf to create configure. AC_PREREQ(2.60) AC_INIT([xorg-server], 1.19.1, [https://bugs.freedesktop.org/enter_bug.cgi?product=xorg], xorg-server) -RELEASE_DATE="2017-01-11" -RELEASE_NAME="Maeuntang" +RELEASE_DATE="2017-03-02" +RELEASE_NAME="Clam Chowder" AC_CONFIG_SRCDIR([Makefile.am]) AC_CONFIG_MACRO_DIR([m4]) AM_INIT_AUTOMAKE([foreign dist-bzip2]) commit e4dd73b242522942d9a5f1c9cada92321710a682 Author: Olivier Fourdan <[email protected]> Date: Wed Mar 1 08:51:31 2017 +0100 xwayland: do not set checkRepeat on master kbd keyboard_check_repeat() fetches the XWayland seat from the dev->public.devicePrivate do do its thing. If a key event is sent programmatically through Xtest, our device is the virtual core keyboard and that has a dev->public.devicePrivate of NULL, leading to a segfault in keyboard_check_repeat(). This is the case with "antimicro" which sends key events based on the joystick buttons. Don't set the checkRepeat handler on the VCK since it cannot possibly work anyway and it has no effect on the actual checkRepeat intended functionality. Bugzilla: https://bugzilla.redhat.com/1416244 Signed-off-by: Olivier Fourdan <[email protected]> Reviewed-by: Peter Hutterer <[email protected]> Signed-off-by: Peter Hutterer <[email protected]> (cherry picked from commit fe5c340046c8cf755b92763a49b2dc475e856a76) diff --git a/hw/xwayland/xwayland-input.c b/hw/xwayland/xwayland-input.c index ce0e433..f06e88a 100644 --- a/hw/xwayland/xwayland-input.c +++ b/hw/xwayland/xwayland-input.c @@ -1033,8 +1033,6 @@ release_relative_pointer(struct xwl_seat *xwl_seat) static void init_keyboard(struct xwl_seat *xwl_seat) { - DeviceIntPtr master; - xwl_seat->wl_keyboard = wl_seat_get_keyboard(xwl_seat->seat); wl_keyboard_add_listener(xwl_seat->wl_keyboard, &keyboard_listener, xwl_seat); @@ -1046,9 +1044,6 @@ init_keyboard(struct xwl_seat *xwl_seat) } EnableDevice(xwl_seat->keyboard, TRUE); xwl_seat->keyboard->key->xkbInfo->checkRepeat = keyboard_check_repeat; - master = GetMaster(xwl_seat->keyboard, MASTER_KEYBOARD); - if (master) - master->key->xkbInfo->checkRepeat = keyboard_check_repeat; } static void commit c84f5c3dd19ae114da4eb3441b3e4e3a29f195df Author: Olivier Fourdan <[email protected]> Date: Tue Feb 28 14:27:52 2017 +0100 xwayland: Make sure we have a focus window During the InitInput() phase, the wayland events get dequeued so we can possibly end up calling dispatch_pointer_motion_event(). If this occurs before xwl_seat->focus_window is set, it leads to a NULL pointer derefence and a segfault. Check for xwl_seat->focus_window in both pointer_handle_frame() and relative_pointer_handle_relative_motion() prior to calling dispatch_pointer_motion_event() like it's done in pointer_handle_motion(). Bugzilla: https://bugzilla.redhat.com/1410804 Signed-off-by: Olivier Fourdan <[email protected]> Reviewed-by: Peter Hutterer <[email protected]> Signed-off-by: Peter Hutterer <[email protected]> (cherry picked from commit 8c9909a99292b2fb4a86de694bb0029f61e35662) diff --git a/hw/xwayland/xwayland-input.c b/hw/xwayland/xwayland-input.c index ecf0b7a..ce0e433 100644 --- a/hw/xwayland/xwayland-input.c +++ b/hw/xwayland/xwayland-input.c @@ -516,6 +516,9 @@ pointer_handle_frame(void *data, struct wl_pointer *wl_pointer) { struct xwl_seat *xwl_seat = data; + if (!xwl_seat->focus_window) + return; + dispatch_pointer_motion_event(xwl_seat); } @@ -566,6 +569,9 @@ relative_pointer_handle_relative_motion(void *data, xwl_seat->pending_pointer_event.dx_unaccel = wl_fixed_to_double(dx_unaccelf); xwl_seat->pending_pointer_event.dy_unaccel = wl_fixed_to_double(dy_unaccelf); + if (!xwl_seat->focus_window) + return; + if (wl_proxy_get_version((struct wl_proxy *) xwl_seat->wl_pointer) < 5) dispatch_pointer_motion_event(xwl_seat); } commit 94c3454d9fdbcefb01042c5c9d88468d86dd4725 Author: Matthieu Herrb <[email protected]> Date: Wed Mar 1 20:28:34 2017 +0100 Brown bag commit to fix 957e8d (arc4random_buf() support) - typo in #ifdef check - also need to add AC_CHECK_FUNCS([arc4random_buf]) Reported-by Eric Engestrom. Thanks Reviewed-by: Adam Jackson <[email protected]> Signed-off-by: Matthieu Herrb <[email protected]> (cherry picked from commit 386fbbe410a1168b724136e54cf3bd37fb64ad4e) diff --git a/configure.ac b/configure.ac index 610de09..292694b 100644 --- a/configure.ac +++ b/configure.ac @@ -226,6 +226,7 @@ AC_REPLACE_FUNCS([reallocarray strcasecmp strcasestr strlcat strlcpy strndup\ AM_CONDITIONAL(POLL, [test "x$ac_cv_func_poll" = "xyes"]) AC_CHECK_LIB([bsd], [arc4random_buf]) +AC_CHECK_FUNCS([arc4random_buf]) AC_CHECK_DECLS([program_invocation_short_name], [], [], [[#include <errno.h>]]) diff --git a/os/auth.c b/os/auth.c index 41b625d..c7b333c 100644 --- a/os/auth.c +++ b/os/auth.c @@ -305,7 +305,7 @@ GenerateAuthorization(unsigned name_length, void GenerateRandomData(int len, char *buf) { -#ifdef HAVE_ARC4RANDOMBUF +#ifdef HAVE_ARC4RANDOM_BUF arc4random_buf(buf, len); #else int fd; commit b0298c02f0383760be899448fa666d0ea56f5d79 Author: Matthieu Herrb <[email protected]> Date: Tue Feb 28 19:18:56 2017 +0100 auth: remove AuthToIDFunc and associated functions. Not used anymore. And the current code for MitToId has a use-after-free() issue. [Also remove the actual implementations - ajax] Signed-off-by: Matthieu Herrb <[email protected]> Reviewed-by: Alan Coopersmith <[email protected]> (cherry picked from commit 2855f759b1e7bf7f5e57cac36c1f0d0e5ac1a683) diff --git a/os/auth.c b/os/auth.c index 81164a2..41b625d 100644 --- a/os/auth.c +++ b/os/auth.c @@ -55,7 +55,6 @@ struct protocol { AuthAddCFunc Add; /* new authorization data */ AuthCheckFunc Check; /* verify client authorization data */ AuthRstCFunc Reset; /* delete all authorization data entries */ - AuthToIDFunc ToID; /* convert cookie to ID */ AuthFromIDFunc FromID; /* convert ID to cookie */ AuthRemCFunc Remove; /* remove a specific cookie */ #ifdef XCSECURITY @@ -66,7 +65,7 @@ struct protocol { static struct protocol protocols[] = { {(unsigned short) 18, "MIT-MAGIC-COOKIE-1", MitAddCookie, MitCheckCookie, MitResetCookie, - MitToID, MitFromID, MitRemoveCookie, + MitFromID, MitRemoveCookie, #ifdef XCSECURITY MitGenerateCookie #endif @@ -74,7 +73,7 @@ static struct protocol protocols[] = { #ifdef HASXDMAUTH {(unsigned short) 19, "XDM-AUTHORIZATION-1", XdmAddCookie, XdmCheckCookie, XdmResetCookie, - XdmToID, XdmFromID, XdmRemoveCookie, + XdmFromID, XdmRemoveCookie, #ifdef XCSECURITY NULL #endif @@ -83,7 +82,7 @@ static struct protocol protocols[] = { #ifdef SECURE_RPC {(unsigned short) 9, "SUN-DES-1", SecureRPCAdd, SecureRPCCheck, SecureRPCReset, - SecureRPCToID, SecureRPCFromID, SecureRPCRemove, + SecureRPCFromID, SecureRPCRemove, #ifdef XCSECURITY NULL #endif diff --git a/os/mitauth.c b/os/mitauth.c index efae440..e75d700 100644 --- a/os/mitauth.c +++ b/os/mitauth.c @@ -97,19 +97,6 @@ MitResetCookie(void) return 0; } -XID -MitToID(unsigned short data_length, char *data) -{ - struct auth *auth; - - for (auth = mit_auth; auth; auth = auth->next) { - if (data_length == auth->len && - memcmp(data, auth->data, data_length) == 0) - return auth->id; - } - return (XID) -1; -} - int MitFromID(XID id, unsigned short *data_lenp, char **datap) { diff --git a/os/osdep.h b/os/osdep.h index 90a247f..a0d57b8 100644 --- a/os/osdep.h +++ b/os/osdep.h @@ -113,9 +113,6 @@ typedef int (*AuthRemCFunc) (AuthRemCArgs); #define AuthRstCArgs void typedef int (*AuthRstCFunc) (AuthRstCArgs); -#define AuthToIDArgs unsigned short data_length, char *data -typedef XID (*AuthToIDFunc) (AuthToIDArgs); - typedef void (*OsCloseFunc) (ClientPtr); typedef int (*OsFlushFunc) (ClientPtr who, struct _osComm * oc, char *extraBuf, @@ -185,7 +182,6 @@ extern void GenerateRandomData(int len, char *buf); /* in mitauth.c */ extern XID MitCheckCookie(AuthCheckArgs); extern XID MitGenerateCookie(AuthGenCArgs); -extern XID MitToID(AuthToIDArgs); extern int MitAddCookie(AuthAddCArgs); extern int MitFromID(AuthFromIDArgs); extern int MitRemoveCookie(AuthRemCArgs); @@ -194,7 +190,6 @@ extern int MitResetCookie(AuthRstCArgs); /* in xdmauth.c */ #ifdef HASXDMAUTH extern XID XdmCheckCookie(AuthCheckArgs); -extern XID XdmToID(AuthToIDArgs); extern int XdmAddCookie(AuthAddCArgs); extern int XdmFromID(AuthFromIDArgs); extern int XdmRemoveCookie(AuthRemCArgs); @@ -205,7 +200,6 @@ extern int XdmResetCookie(AuthRstCArgs); #ifdef SECURE_RPC extern void SecureRPCInit(AuthInitArgs); extern XID SecureRPCCheck(AuthCheckArgs); -extern XID SecureRPCToID(AuthToIDArgs); extern int SecureRPCAdd(AuthAddCArgs); extern int SecureRPCFromID(AuthFromIDArgs); extern int SecureRPCRemove(AuthRemCArgs); diff --git a/os/rpcauth.c b/os/rpcauth.c index 5680489..33260db 100644 --- a/os/rpcauth.c +++ b/os/rpcauth.c @@ -175,12 +175,6 @@ SecureRPCReset(void) return 1; } -_X_HIDDEN XID -SecureRPCToID(unsigned short data_length, char *data) -{ - return rpc_id; -} - _X_HIDDEN int SecureRPCFromID(XID id, unsigned short *data_lenp, char **datap) { diff --git a/os/xdmauth.c b/os/xdmauth.c index cb2e39e..c35cade 100644 --- a/os/xdmauth.c +++ b/os/xdmauth.c @@ -411,33 +411,6 @@ XdmResetCookie(void) return 1; } -XID -XdmToID(unsigned short cookie_length, char *cookie) -{ - XdmAuthorizationPtr auth; - XdmClientAuthPtr client; - unsigned char *plain; - - plain = malloc(cookie_length); - if (!plain) - return (XID) -1; - for (auth = xdmAuth; auth; auth = auth->next) { - XdmcpUnwrap((unsigned char *) cookie, (unsigned char *) &auth->key, - plain, cookie_length); - if ((client = - XdmAuthorizationValidate(plain, cookie_length, &auth->rho, NULL, - NULL)) != NULL) { - free(client); - free(cookie); - free(plain); - return auth->id; - } - } - free(cookie); - free(plain); - return (XID) -1; -} - int XdmFromID(XID id, unsigned short *data_lenp, char **datap) { commit ab15f65fe5d6d50e705c1064a6a5c1a0c2a8e045 Author: Matthieu Herrb <[email protected]> Date: Tue Feb 28 19:18:43 2017 +0100 Use arc4random_buf(3) if available to generate cookies. Reviewed-by: Adam Jackson <[email protected]> Signed-off-by: Matthieu Herrb <[email protected]> (cherry picked from commit 957e8db38f27932d353e86e9aa69cf16778b18f1) diff --git a/configure.ac b/configure.ac index 62cd547..610de09 100644 --- a/configure.ac +++ b/configure.ac @@ -225,6 +225,8 @@ AC_REPLACE_FUNCS([reallocarray strcasecmp strcasestr strlcat strlcpy strndup\ timingsafe_memcmp]) AM_CONDITIONAL(POLL, [test "x$ac_cv_func_poll" = "xyes"]) +AC_CHECK_LIB([bsd], [arc4random_buf]) + AC_CHECK_DECLS([program_invocation_short_name], [], [], [[#include <errno.h>]]) dnl Check for SO_PEERCRED #define diff --git a/include/dix-config.h.in b/include/dix-config.h.in index 4b86c1a..d357910 100644 --- a/include/dix-config.h.in +++ b/include/dix-config.h.in @@ -125,6 +125,9 @@ /* Build a standalone xpbproxy */ #undef STANDALONE_XPBPROXY +/* Define to 1 if you have the `bsd' library (-lbsd). */ +#undef HAVE_LIBBSD + /* Define to 1 if you have the `m' library (-lm). */ #undef HAVE_LIBM @@ -161,6 +164,9 @@ /* Define to 1 if you have the <rpcsvc/dbm.h> header file. */ #undef HAVE_RPCSVC_DBM_H +/* Define to 1 if you have the `arc4random_buf' function. */ +#undef HAVE_ARC4RANDOM_BUF + /* Define to use libc SHA1 functions */ #undef HAVE_SHA1_IN_LIBC diff --git a/os/auth.c b/os/auth.c index 7da6fc6..81164a2 100644 --- a/os/auth.c +++ b/os/auth.c @@ -45,6 +45,9 @@ from The Open Group. #ifdef WIN32 #include <X11/Xw32defs.h> #endif +#ifdef HAVE_LIBBSD +#include <bsd/stdlib.h> /* for arc4random_buf() */ +#endif struct protocol { unsigned short name_length; @@ -303,11 +306,15 @@ GenerateAuthorization(unsigned name_length, void GenerateRandomData(int len, char *buf) { +#ifdef HAVE_ARC4RANDOMBUF + arc4random_buf(buf, len); +#else int fd; fd = open("/dev/urandom", O_RDONLY); read(fd, buf, len); close(fd); +#endif } #endif /* XCSECURITY */ commit 3f61c7a09b220805ee6778f4bf2f429e3df8e37a Author: Matthieu Herrb <[email protected]> Date: Tue Feb 28 19:18:25 2017 +0100 Use timingsafe_memcmp() to compare MIT-MAGIC-COOKIES CVE-2017-2624 Provide the function definition for systems that don't have it. Signed-off-by: Matthieu Herrb <[email protected]> Reviewed-by: Alan Coopersmith <[email protected]> (cherry picked from commit d7ac755f0b618eb1259d93c8a16ec6e39a18627c) diff --git a/configure.ac b/configure.ac index 770c3e6..62cd547 100644 --- a/configure.ac +++ b/configure.ac @@ -221,7 +221,8 @@ AC_CHECK_FUNCS([backtrace ffs geteuid getuid issetugid getresuid \ mmap posix_fallocate seteuid shmctl64 strncasecmp vasprintf vsnprintf \ walkcontext setitimer poll epoll_create1]) AC_CONFIG_LIBOBJ_DIR([os]) -AC_REPLACE_FUNCS([reallocarray strcasecmp strcasestr strlcat strlcpy strndup]) +AC_REPLACE_FUNCS([reallocarray strcasecmp strcasestr strlcat strlcpy strndup\ + timingsafe_memcmp]) AM_CONDITIONAL(POLL, [test "x$ac_cv_func_poll" = "xyes"]) AC_CHECK_DECLS([program_invocation_short_name], [], [], [[#include <errno.h>]]) diff --git a/include/dix-config.h.in b/include/dix-config.h.in index 4f020e5..4b86c1a 100644 --- a/include/dix-config.h.in +++ b/include/dix-config.h.in @@ -238,6 +238,9 @@ /* Define to 1 if you have the <sys/utsname.h> header file. */ #undef HAVE_SYS_UTSNAME_H +/* Define to 1 if you have the `timingsafe_memcmp' function. */ +#undef HAVE_TIMINGSAFE_MEMCMP + /* Define to 1 if you have the <tslib.h> header file. */ #undef HAVE_TSLIB_H diff --git a/include/os.h b/include/os.h index d2c41b4..aa231f5 100644 --- a/include/os.h +++ b/include/os.h @@ -590,6 +590,11 @@ extern _X_EXPORT char * strndup(const char *str, size_t n); #endif +#ifndef HAVE_TIMINGSAFE_MEMCMP +extern _X_EXPORT int +timingsafe_memcmp(const void *b1, const void *b2, size_t len); +#endif + /* Logging. */ typedef enum _LogParameter { XLOG_FLUSH, diff --git a/os/mitauth.c b/os/mitauth.c index 768a52a..efae440 100644 --- a/os/mitauth.c +++ b/os/mitauth.c @@ -76,7 +76,7 @@ MitCheckCookie(unsigned short data_length, for (auth = mit_auth; auth; auth = auth->next) { if (data_length == auth->len && - memcmp(data, auth->data, (int) data_length) == 0) + timingsafe_memcmp(data, auth->data, (int) data_length) == 0) return auth->id; } *reason = "Invalid MIT-MAGIC-COOKIE-1 key"; diff --git a/os/timingsafe_memcmp.c b/os/timingsafe_memcmp.c new file mode 100644 index 0000000..36ab362 --- /dev/null +++ b/os/timingsafe_memcmp.c @@ -0,0 +1,45 @@ +/* + * Copyright (c) 2014 Google Inc. + * + * Permission to use, copy, modify, and distribute this software for any + * purpose with or without fee is hereby granted, provided that the above + * copyright notice and this permission notice appear in all copies. + * + * THE SOFTWARE IS PROVIDED "AS IS" AND THE AUTHOR DISCLAIMS ALL WARRANTIES + * WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF + * MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR + * ANY SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES + * WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN + * ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF + * OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE. + */ + +#include <limits.h>
