Re: [PATCH] Introduce the authorizer protocol

[Mariusz Ceier]

Hi,

On 25 November 2015 at 16:14, Pekka Paalanen <ppaala...@gmail.com> wrote:

> On Tue, 24 Nov 2015 18:07:34 +0100
> Mariusz Ceier <mceier+wayl...@gmail.com> wrote:
>
> > Hi,
> >
> > On 24 November 2015 at 17:35, Giulio Camuffo <giuliocamu...@gmail.com>
> > wrote:
> >
> > > 2015-11-24 18:16 GMT+02:00 Mariusz Ceier <mceier+wayl...@gmail.com>:
> > > > Hi,
> > > >   How the clients will know:
> > > > a) which interface is restricted and which is not ?
> > >
> > > It doesn't, but does it need to know it? It can still ask for
> > > authorization even if the interface is not.
> > >
> > >
> > I think it should - otherwise client, that wants to run on as many
> > compositors as possible, would have to send authorize requests for every
> > interface, since different compositors can implement different policies
> and
> > interface in one compositor can be unrestricted while in another
> > restricted.
>
> Why should we separate restricted interfaces in the registry level? Or
> at all?
>
>
Because binding restricted interface kills client and since interface
specification doesn't tell if that interface is restricted or not, binding
would be a gamble for client. Also to authorize the client to use of
restricted interface, authorizer object needs to be created - that means
restricted interfaces can't be bound before authorizer object is announced,
and that means restricted interfaces can't be announced before authorizer
is announced, unless client can bind them later (which I don't think is a
case).

The interface specification needs to say whether it is restricted or
> not. If a compositor does not care about restricting it, it'll just
> always answer "yes."
>

Even if interface specification would include information whether it's
restricted or not, that information would have to be included in protocol -
since later versions of protocol can become restricted.


> When you design a new protocol extension, I can't imagine that you
> would not know if it needs to be restricted or not. Do you have any
> example to the contrary?
>

I think it may be the case during development and even after it gets
stabilized.
It may be unrestricted at first, but then someone might find security bug
(in design) or request requiring privileged access could be added - in
these cases compositors probably would like to restrict access to that
interface.
In v1 of authorizer that would mean, that clients which assumed that
specific interfaces are unrestricted would be killed by compositor.
And in v2 authorizer clients would know that they need to send authorize
request first - since interface wouldn't be available in wl_registry but
only in wl_restricted_registry.


> > > > b) that the compositor implements restricted interface ? should they
> be
> > > > visible in the registry ?
> > >
> > > Well, they are normal globals so they will are available in the
> > > registry. If needed, this interface could
> > > send out a list of the restricted ones, but i'm not sure it is.
> > >
> > >
> > If they're normal globals - registry will contain a mix of restricted and
> > unrestricted interfaces, and in current state clients won't know which is
> > restricted and which is not, and binding to restricted interface will
> kill
> > client - are we playing russian roulette ? ;)
>
> Clients do not go binding random globals without knowing the
> specification.
>

Still specification doesn't say which protocol is restricted and which is
not. In v1 authorizer clients can't assume that specific interface is
always unrestricted (it could become restricted in later version or
compositor could implement different policy), so they would have to send
authorize request for each interface they use.


>
> > I think something like wl_registry but for restricted interfaces only,
> may
> > be a better solution.
>
> I see no need for this.
>
> > Also since authorizer is another global, it would have to be announced
> > before any restricted interface, right ?
> > That requirement probably should be added to description.
>
> There is no such requirement. Clients *must* deal with arbitrary
> announcements orders anyway.
>
> Except they would get killed for trying to bind  restricted interface
without sending authorize request - and they can't send it before getting
authorizer object (in v1). So v1 introduces weak order here.

>
> Thanks,
> pq
>

Mariusz Ceier
___
wayland-devel mailing list
wayland-devel@lists.freedesktop.org
http://lists.freedesktop.org/mailman/listinfo/wayland-devel

Re: [RFC wayland-protocols v2] Introduce the restricted_registry protocol

[Mariusz Ceier]

Hi,
   It's missing README, but otherwise it looks good to me:

Reviewed-by: Mariusz Ceier <mceier+wayl...@gmail.com>

Mariusz Ceier

On 25 November 2015 at 15:10, Giulio Camuffo <giuliocamu...@gmail.com>
wrote:

> This new extension is used by clients wanting to execute priviledged
> actions such as taking a screenshot.
> The usual way of granting special priviledged to apps is to fork and
> exec them in the compositor, and then checking if the client is the
> known one when it binds the restricted global interface. This works
> but is quite limited, as it doesn't allow the compositor to ask the
> user if the app is trusted, because it can't wait for the answer in
> the bind function as that would block the compositor.
> This new protocol instead allows the answer to come after some time
> without blocking the compositor or the client.
> ---
>
> v2: renamed to restricted_registry.
> It now replaces wl_registry entirely for the restricted interfaces
> and hence it makes it lets clients know for sure that the globals
> in wl_registry are not restricted, and which are the restricted
> ones.
>
>
>  Makefile.am|   1 +
>  .../restricted-registry/restricted-registry-v1.xml | 148
> +
>  2 files changed, 149 insertions(+)
>  create mode 100644 unstable/restricted-registry/restricted-registry-v1.xml
>
> diff --git a/Makefile.am b/Makefile.am
> index a32e977..bfe9a6a 100644
> --- a/Makefile.am
> +++ b/Makefile.am
> @@ -5,6 +5,7 @@ unstable_protocols =
>   \
> unstable/text-input/text-input-unstable-v1.xml
>   \
> unstable/input-method/input-method-unstable-v1.xml
>   \
> unstable/xdg-shell/xdg-shell-unstable-v5.xml
>   \
> +   unstable/authorizer/authorizer-unstable-v1.xml
> $(NULL)
>
>  nobase_dist_pkgdata_DATA =
>  \
> diff --git a/unstable/restricted-registry/restricted-registry-v1.xml
> b/unstable/restricted-registry/restricted-registry-v1.xml
> new file mode 100644
> index 000..8c9224f
> --- /dev/null
> +++ b/unstable/restricted-registry/restricted-registry-v1.xml
> @@ -0,0 +1,148 @@
> +
> +
> +
> +  
> +Copyright © 2015 Giulio Camuffo.
> +
> +Permission to use, copy, modify, distribute, and sell this
> +software and its documentation for any purpose is hereby granted
> +without fee, provided that the above copyright notice appear in
> +all copies and that both that copyright notice and this permission
> +notice appear in supporting documentation, and that the name of
> +the copyright holders not be used in advertising or publicity
> +pertaining to distribution of the software without specific,
> +written prior permission.  The copyright holders make no
> +representations about the suitability of this software for any
> +purpose.  It is provided "as is" without express or implied
> +warranty.
> +
> +THE COPYRIGHT HOLDERS DISCLAIM ALL WARRANTIES WITH REGARD TO THIS
> +SOFTWARE, INCLUDING ALL IMPLIED WARRANTIES OF MERCHANTABILITY AND
> +FITNESS, IN NO EVENT SHALL THE COPYRIGHT HOLDERS BE LIABLE FOR ANY
> +SPECIAL, INDIRECT OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES
> +WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN
> +AN ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION,
> +ARISING OUT OF OR IN CONNECTION WITH THE USE OR PERFORMANCE OF
> +THIS SOFTWARE.
> +  
> +
> +  
> +
> +  This global interface acts as a wl_registry for restricted
> interfaces.
> +
> +  The globals advertized through this extension are not available
> +  through the normal wl_registry, and are not bindable by all the
> +  clients.
> +  When the clients creates a new zwp_restricted_registry_v1 object,
> +  it will advertize the existing restricted globals through the global
> +  event. These globals are not immediately bindable, but the client
> +  needs to be authorized first. To do so, the clients should send
> +  the authorize request for each global it whishes to bind, and then
> +  notify the compositor it whishes to be authorized by using the
> +  commit_authorization request. The compositor will then process the
> +  request and then send the list of authorized globals with the
> +  global_authorized event, followed by the authorization_done event.
> +  The client can bind the authorized globals when they are advertized
> +  but trying to bind any other will trigger a protocol error killing
> +  the client.
> +
> +  The list of restricted interfaces is compositor de

Re: [PATCH] Introduce the authorizer protocol

[Mariusz Ceier]

Hi,

On 24 November 2015 at 17:35, Giulio Camuffo <giuliocamu...@gmail.com>
wrote:

> 2015-11-24 18:16 GMT+02:00 Mariusz Ceier <mceier+wayl...@gmail.com>:
> > Hi,
> >   How the clients will know:
> > a) which interface is restricted and which is not ?
>
> It doesn't, but does it need to know it? It can still ask for
> authorization even if the interface is not.
>
>
I think it should - otherwise client, that wants to run on as many
compositors as possible, would have to send authorize requests for every
interface, since different compositors can implement different policies and
interface in one compositor can be unrestricted while in another
restricted.


> > b) that the compositor implements restricted interface ? should they be
> > visible in the registry ?
>
> Well, they are normal globals so they will are available in the
> registry. If needed, this interface could
> send out a list of the restricted ones, but i'm not sure it is.
>
>
If they're normal globals - registry will contain a mix of restricted and
unrestricted interfaces, and in current state clients won't know which is
restricted and which is not, and binding to restricted interface will kill
client - are we playing russian roulette ? ;)

I think something like wl_registry but for restricted interfaces only, may
be a better solution.

Also since authorizer is another global, it would have to be announced
before any restricted interface, right ?
That requirement probably should be added to description.

>
> > If the client would like to use many restricted interfaces, it would
> have to
> > issue multiple authorize requests - probably causing compositor to show
> many
> > popups/notifications. I think it would be better to send list of
> interfaces
> > and receive back a list of interfaces for which access was granted
> instead.
>
> That's a valid point... i don't think wl_array works for strings
> though, so instead i'd add a way to group requests together.
>
>
> --
> Giulio
>
> >
> > Mariusz Ceier
> >
> >
> > On 24 November 2015 at 16:16, Giulio Camuffo <giuliocamu...@gmail.com>
> > wrote:
> >>
> >> This new extension is used by clients wanting to execute priviledged
> >> actions such as taking a screenshot.
> >> The usual way of granting special priviledged to apps is to fork and
> >> exec them in the compositor, and then checking if the client is the
> >> known one when it binds the restricted global interface. This works
> >> but is quite limited, as it doesn't allow the compositor to ask the
> >> user if the app is trusted, because it can't wait for the answer in
> >> the bind function as that would block the compositor.
> >> This new protocol instead allows the answer to come after some time
> >> without blocking the compositor or the client.
> >> ---
> >>
> >> For reference, i've implemented this in orbital[0] and it's used by
> >> the screenshooter tool[1]. The name is different but it works exaclty
> >> the same as this one.
> >> One thing missing is how the revoke authorization, if even want/need it?
> >>
> >> 0:
> >>
> https://github.com/giucam/orbital/blob/master/src/compositor/authorizer.cpp
> >> 1:
> >>
> https://github.com/giucam/orbital/blob/master/src/screenshooter/main.cpp#L301
> >>
> >>
> >>  Makefile.am|  1 +
> >>  unstable/authorizer/authorizer-unstable-v1.xml | 90
> >> ++
> >>  2 files changed, 91 insertions(+)
> >>  create mode 100644 unstable/authorizer/authorizer-unstable-v1.xml
> >>
> >> diff --git a/Makefile.am b/Makefile.am
> >> index a32e977..bfe9a6a 100644
> >> --- a/Makefile.am
> >> +++ b/Makefile.am
> >> @@ -5,6 +5,7 @@ unstable_protocols =
> >> \
> >> unstable/text-input/text-input-unstable-v1.xml
> >> \
> >> unstable/input-method/input-method-unstable-v1.xml
> >> \
> >> unstable/xdg-shell/xdg-shell-unstable-v5.xml
> >> \
> >> +   unstable/authorizer/authorizer-unstable-v1.xml
> >> $(NULL)
> >>
> >>  nobase_dist_pkgdata_DATA =
> >> \
> >> diff --git a/unstable/authorizer/authorizer-unstable-v1.xml
> >> b/unstable/authorizer/authorizer-unstable-v1.xml
> >> new file mode 100644
> >> index 000..f10dd0e
> >> --- /dev/null
> >> +++ b/unstable/authorizer/authorizer-unstable-v1.xml
> >> @@ -0,0 +1,90 @@
> >> +
> >> +
> >> +

Re: [PATCH] Introduce the authorizer protocol

[Mariusz Ceier]

Hi,
  How the clients will know:
a) which interface is restricted and which is not ?
b) that the compositor implements restricted interface ? should they be
visible in the registry ?

If the client would like to use many restricted interfaces, it would have
to issue multiple authorize requests - probably causing compositor to show
many popups/notifications. I think it would be better to send list of
interfaces and receive back a list of interfaces for which access was
granted instead.

Mariusz Ceier


On 24 November 2015 at 16:16, Giulio Camuffo <giuliocamu...@gmail.com>
wrote:

> This new extension is used by clients wanting to execute priviledged
> actions such as taking a screenshot.
> The usual way of granting special priviledged to apps is to fork and
> exec them in the compositor, and then checking if the client is the
> known one when it binds the restricted global interface. This works
> but is quite limited, as it doesn't allow the compositor to ask the
> user if the app is trusted, because it can't wait for the answer in
> the bind function as that would block the compositor.
> This new protocol instead allows the answer to come after some time
> without blocking the compositor or the client.
> ---
>
> For reference, i've implemented this in orbital[0] and it's used by
> the screenshooter tool[1]. The name is different but it works exaclty
> the same as this one.
> One thing missing is how the revoke authorization, if even want/need it?
>
> 0:
> https://github.com/giucam/orbital/blob/master/src/compositor/authorizer.cpp
> 1:
> https://github.com/giucam/orbital/blob/master/src/screenshooter/main.cpp#L301
>
>
>  Makefile.am|  1 +
>  unstable/authorizer/authorizer-unstable-v1.xml | 90
> ++
>  2 files changed, 91 insertions(+)
>  create mode 100644 unstable/authorizer/authorizer-unstable-v1.xml
>
> diff --git a/Makefile.am b/Makefile.am
> index a32e977..bfe9a6a 100644
> --- a/Makefile.am
> +++ b/Makefile.am
> @@ -5,6 +5,7 @@ unstable_protocols =
>   \
> unstable/text-input/text-input-unstable-v1.xml
>   \
> unstable/input-method/input-method-unstable-v1.xml
>   \
> unstable/xdg-shell/xdg-shell-unstable-v5.xml
>   \
> +   unstable/authorizer/authorizer-unstable-v1.xml
> $(NULL)
>
>  nobase_dist_pkgdata_DATA =
>  \
> diff --git a/unstable/authorizer/authorizer-unstable-v1.xml
> b/unstable/authorizer/authorizer-unstable-v1.xml
> new file mode 100644
> index 000..f10dd0e
> --- /dev/null
> +++ b/unstable/authorizer/authorizer-unstable-v1.xml
> @@ -0,0 +1,90 @@
> +
> +
> +
> +  
> +Copyright © 2015 Giulio Camuffo.
> +
> +Permission to use, copy, modify, distribute, and sell this
> +software and its documentation for any purpose is hereby granted
> +without fee, provided that the above copyright notice appear in
> +all copies and that both that copyright notice and this permission
> +notice appear in supporting documentation, and that the name of
> +the copyright holders not be used in advertising or publicity
> +pertaining to distribution of the software without specific,
> +written prior permission.  The copyright holders make no
> +representations about the suitability of this software for any
> +purpose.  It is provided "as is" without express or implied
> +warranty.
> +
> +THE COPYRIGHT HOLDERS DISCLAIM ALL WARRANTIES WITH REGARD TO THIS
> +SOFTWARE, INCLUDING ALL IMPLIED WARRANTIES OF MERCHANTABILITY AND
> +FITNESS, IN NO EVENT SHALL THE COPYRIGHT HOLDERS BE LIABLE FOR ANY
> +SPECIAL, INDIRECT OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES
> +WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN
> +AN ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION,
> +ARISING OUT OF OR IN CONNECTION WITH THE USE OR PERFORMANCE OF
> +THIS SOFTWARE.
> +  
> +
> +  
> +
> +  This global interface allows clients to ask the compositor the
> +  authorization to bind certain restricted global interfaces.
> +  Any client that aims to bind restricted interfaces should first
> +  request the authorization by using this interface. Failing to do
> +  so will result in the compositor sending a protocol error to the
> +  client when it binds the restricted interface.
> +
> +  The list of restricted interfaces is compositor dependant, but must
> +  not include the core interfaces defined in wayland.xml. However, if
> +  an authorization request is done for a non-restricted interface the
> +  compositor must reply with a grant.
> +
> +
> +

Re: [PATCH wayland-protocols 1/2] Introduce wp_relative_pointer interface

[Mariusz Ceier]

nd the
> interface
> +  version number is reset.
> +
>

I think that it would be better to link to README in wayland-protocols
repository that describes this procedure in detail, rather than duplicating
this in each protocol file. Also README doesn't define experimental
protocols - instead it uses unstable term.
Therefore, something like this might be better:

"Warning! The protocol described in this file is unstable and backward
incompatible changes may be made. See
http://cgit.freedesktop.org/wayland/wayland-protocols/plain/README for
details."


> +
> +
> +  
> +   Used by the client to notify the server that it will no longer use
> this
> +   relative pointer manager object.
> +  
> +
> +
> +
> +  
> +   Create a relative pointer interface given a wl_pointer object. See
> the
> +   wp_relative_pointer interface for more details.
> +  
> +
> +  
> +  
> +
> +  
> +
> +  
> +
> +  A wp_relative_pointer object is an extension to the wl_pointer
> interface
> +  used for emitting relative pointer events. It shares the same focus
> as
> +  wl_pointer objects of the same seat and will only emit events when
> it has
> +  focus.
> +
> +
> +
> +  
> +
> +
> +
> +  
> +   Relative x/y pointer motion from the pointer of the seat
> associated with
> +   this object.
> +
> +   A relative motion is in the same dimension as regular wl_pointer
> motion
> +   events, except they do not represent an absolute position. For
> example,
> +   moving a pointer from (x, y) to (x', y') would have the equivalent
> +   relative motion (x' - x, y' - y). If a pointer motion caused the
> +   absolute pointer position to be clipped by for example the edge of
> the
> +   monitor, the relative motion is unaffected by the clipping and will
> +   represent the unclipped motion.
> +
> +   This event also contains non-accelerated motion deltas. The
> +   non-accelerated delta is, when applicable, the regular pointer
> motion
> +   delta as it was before having applied motion acceleration and other
> +   transformations such as normalization.
> +
> +   Note that the non-accelerated delta does not represent 'raw'
> events as
> +   they were read from some device. Pointer motion acceleration is
> device-
> +   and configuration-specific and non-accelerated deltas and
> accelerated
> +   deltas may have the same value on some devices.
> +
> +   Relative motions are not coupled to wl_pointer.motion events, and
> can be
> +   sent in combination with such events, but also independently.
> There may
> +   also be scenarious where wl_pointer.motion is sent, but there is no
> +   relative motion. The order of an absolute and relative motion event
> +   originating from the same physical motion is not guaranteed.
> +
> +   If the client needs button events or focus state, it can receive
> them
> +   from a wl_pointer object of the same seat that the
> wp_relative_pointer
> +   object is associated with.
> +  
> +
> +   +  summary="high 32 bits of a 64 bit timestamp with microsecond
> granularity"/>
> +   +  summary="low 32 bits of a 64 bit timestamp with microsecond
> granularity"/>
> +   +  summary="the x component of the motion vector"/>
> +   +  summary="the y component of the motion vector"/>
> +   +  summary="the x component of the unaccelerated motion vector"/>
> +   +  summary="the y component of the unaccelerated motion vector"/>
> +
> +  
> +
> +
> --
> 2.4.3
>
>
Mariusz Ceier
___
wayland-devel mailing list
wayland-devel@lists.freedesktop.org
http://lists.freedesktop.org/mailman/listinfo/wayland-devel

Re: [PATCH weston 00/10] weston wayland-protocols migration

[Mariusz Ceier]

Hi,
   Weston doesn't compile with this patchset - some source files in clients
directory still use old or removed headers.
I had to replace xdg-shell-server-protocol.h in desktop-shell/shell.c
with xdg-shell-unstable-v5-server-protocol.h and disable clients
compilation in order to be able to compile weston.
If that's not an issue:

Reviewed-by: Mariusz Ceier <mceier+wayl...@gmail.com>

Mariusz Ceier

On 4 November 2015 at 09:49, Jonas Ådahl <jad...@gmail.com> wrote:

> Hi,
>
> This series changes weston to depend on wayland-protocols for the
> majority of the protocols previously in the protocols/ directory. The
> protocols moved are also renamed to comply with the unstable naming
> conventions of wayland-protocols, with the exception of xdg_shell which
> will use the current name until the next version.
>
> I'd appreciate if maintainers of given protocols could at least Ack the
> patch changing their protocol implementation, as a semi formal stamp of
> approval of the name change.
>
> Other than that, the workspaces protocol is removed, mostly because it
> wasn't a significant enough proof of concept needed for any particular
> feature. text-cursor-position.xml however I have left intact, because
> without it the zoom accessibility feature proof of concept becomes
> a bit too useless. I'd prefer to prefix it with something like toy_ or
> weston_, but would like to hear input on this one. Given that it is
> completely undocumented it is quite far from a real attempt, but it
> seems like something that will be needed sooner or later for
> accessibility reasons, so not sure what to do with it right now.
>
> Things that seemed more weston specific was weston_ prefixed. The
> screenshooter protocol and the desktop shell protocol fell into this
> category.
>
> Another protocol left to migrate is scalar.xml. I didn't do this yet
> because Pekka had plans on renaming it, and I'll simply wait until he
> has a name for it before migrating anything.
>
> Other than that, the wayland-protocols have shaped up some, with the
> pointer gestures protocol as well as the protocols of this series
> migrated there. I wouldn't mind if people went and had a look to see if
> there are any opinions of how things should work before we make an
> initial release. The procedures and some details are explained in the
> README file in the toplevel directory.
>
> One current inconvenience that would be nice with some opinions is what
> to do with unstable protocol files after a protocol has been declared
> stable. Currently specified to work by having one directory containing
> the stable XML file together with a README in the stable/ toplevel
> directory, and yet another directory containing the unstable protocol
> files together with a README in the unstable/ directory. This seems a bit
> backward to me. Deprecating a protocol by moving it into deprecated/
> would still require us to have the protocol in the stable/ and probably
> even in the unstable/ directory. This all is a bit awkward to me. One
> idea is restructure the tree a bit and put protocols in the directory of
> the current state (stable/unstable/obsolete) and then keep the old XML
> files in subdirectories in there, having the Makefile deal with
> installing XML files appropriately in the corresponding
> stable/unstable/obsolete directories. Or we could have all protocols in
> the toplevel directory and always have the corresponding XML files in
> stable/unstable/obsolete subdirectories and just installing that. Any
> opinions about this?
>
>
> Jonas
>
>
> Jonas Ådahl (10):
>   Use fullscreen-shell.xml from wayland-protocols
>   Use linux-dmabuf protocol from wayland-protocols
>   Use presentation timing protocol from wayland-protocols
>   Use text input protocol from wayland-protocols
>   Use input method protocol from wayland-protocols
>   Makefile.am: Make the external xml scanning rule version generic
>   Use xdg_shell protocol from wayland-protocols
>   desktop-shell: Rename protocol weston_desktop_shell
>   Rename screenshooter protocol to weston_screenshooter
>   Remove workspaces protocol
>
>  Makefile.am | 194 ++--
>  clients/desktop-shell.c |  79 ++---
>  clients/editor.c| 119 +++
>  clients/fullscreen.c|  60 ++--
>  clients/keyboard.c  | 186 +--
>  clients/presentation-shm.c  |  65 ++--
>  clients/screenshot.c|  21 +-
>  clients/simple-damage.c |  18 +-
>  clients/simple-dmabuf.c |  74 ++---
>  clients/simple-shm.c|  18 +-
>  clients/weston-info.c   |  19 +-
>  clients/weston-simple-im.c  | 122 +++
>  cl

Re: Unstable protocol name breakage

[Mariusz Ceier]

Hi,

On 20 October 2015 at 04:22, Jonas Ådahl <jad...@gmail.com> wrote:

> Hi again,
>
> I was about to start migrating generic protocols away from weston into
> wayland-protocols. The idea was to start with input-method.xml, text.xml,
> linux-dmabuf.xml, presentation_timing.xml, scaler.xml and xdg-shell.xml.
> The
> question, however, is what to do with the names, because some names already
> have the form "wl_[name]", and renaming such an interface to "zwl_[name]1"
> during the unstable period, and then back to "wl_[name]" will cause
> potential
> breakage because some implementations in the wild might expect the
> "wl_[name]"
> to be the original (ancient) version.
>
> As mentioned before, I have already moved the fullscreen shell protocol,
> and
> with the naming schema changes in place, it ended up with the protocol name
> "fullscreen-shell-unstable-v1", the interfaces zwl_fullscreen_shell1, and
> zwl_fullscreen_shell_mode_feedback1.
>
> linux-dmabuf.xml is also easy. Since it is already 'z' prefix, to comply
> with
> the intended naming schema, I'd just need to rename the interfaces to
> zlinux_dmabuf1 and zlinux_buffer_params1, and the protocol to
> linux-dmabuf-unstable-v1.
>
> presentation_timing.xml: I suppose this one can be renamed without any
> significant implications, since it currently is completely prefix free. I
> imagine it'd be zwl_presentation1 and zwl_presentation_feedback1 in a
> presentation-timing-unstable-v1(.xml) protocol.
>
> The problem is the rest of the protocols, since they all already have the
> intended stable names. This means we cannot apply a naming schema that
> intends
> to finally remove the prefix and postfix when declaring stable, since that
> would collide with the initial name. How to deal with these names needs to
> be
> decided, and probably so protocol by protocol.
>
> scalar.xml: As far as I know, Pekka has plans to change scalar.xml, and
> plan to
> do so with a name change. So as far as I understand, we need to rename this
> one.
>
> input-method.xml: This one I think might actually be fine to just apply the
> naming schema, as the protocol itself has Wayland core principle violations
> that need to be solved, i.e. any implementor of this is already broken (by
> principle).
>
>
Since it's broken by principle, can't input-method.xml be marked as
deprecated (e.g. by implementing/using top-level deprecated attribute ) ?
Then leave it in weston as weston-specific protocol, that generates
deprecation warnings during compilation and maybe when used by clients
connecting to weston; and in wayland-protocols add new protocol that's not
broken by principle (but may be based on input-method).

Deprecation can also be used for other problematic protocols, but I'm not
sure if that's good idea if such protocol is not broken.

text.xml: This one I'm not so sure about. Has it ever been implemented
> outside
> of weston except only as a proof of concept? Would it be fine to use the
> same
> name?
>
> xdg-shell.xml: Should we bite the bullet and rename this one, or just
> continue
> letting its stability state be non-discoverable? It's clearly already
> used, and
> renaming it will be painful, so not sure about this one.
>
>
Maybe we should at first stabilise protocols that are used, not broken and
renaming them will be painful ?


> Then comes the IVI protocols. I have no opinions about these, and I don't
> know
> what any plan with them might be. Should they be moved, or are they purely
> a
> weston thing?
>
> For the rest of the protocols (desktop-shell.xml, screenshooter.xml,
> text-cursor-position.xml, weston-test.xml, workspaces.xml) I plan to leave
> them
> be, as they either are purely weston internal, simple toy protocols or
> have no
> consesus that they are to be ever be official protocols.
>
> So what should we do about these naming issues? It should have been clear
> that
> all of these are experimental protocols, but due to the fact that some may
> have
> started to use these outside of weston anyway even though they being
> experimental, is it Ok for us to start causing them to break? If not, what
> may
> some alternative names be?
>
>
> Jonas
>


Mariusz Ceier
___
wayland-devel mailing list
wayland-devel@lists.freedesktop.org
http://lists.freedesktop.org/mailman/listinfo/wayland-devel

Re: Unstable protocol name breakage

[Mariusz Ceier]

On 20 October 2015 at 05:59, Jonas Ådahl <jad...@gmail.com> wrote:

> On Tue, Oct 20, 2015 at 05:26:45AM +0200, Mariusz Ceier wrote:
> > Hi,
> >
> > On 20 October 2015 at 04:22, Jonas Ådahl <jad...@gmail.com> wrote:
> >
> > > Hi again,
> > >
> > > I was about to start migrating generic protocols away from weston into
> > > wayland-protocols. The idea was to start with input-method.xml,
> text.xml,
> > > linux-dmabuf.xml, presentation_timing.xml, scaler.xml and
> xdg-shell.xml.
> > > The
> > > question, however, is what to do with the names, because some names
> already
> > > have the form "wl_[name]", and renaming such an interface to
> "zwl_[name]1"
> > > during the unstable period, and then back to "wl_[name]" will cause
> > > potential
> > > breakage because some implementations in the wild might expect the
> > > "wl_[name]"
> > > to be the original (ancient) version.
> > >
> > > As mentioned before, I have already moved the fullscreen shell
> protocol,
> > > and
> > > with the naming schema changes in place, it ended up with the protocol
> name
> > > "fullscreen-shell-unstable-v1", the interfaces zwl_fullscreen_shell1,
> and
> > > zwl_fullscreen_shell_mode_feedback1.
> > >
> > > linux-dmabuf.xml is also easy. Since it is already 'z' prefix, to
> comply
> > > with
> > > the intended naming schema, I'd just need to rename the interfaces to
> > > zlinux_dmabuf1 and zlinux_buffer_params1, and the protocol to
> > > linux-dmabuf-unstable-v1.
> > >
> > > presentation_timing.xml: I suppose this one can be renamed without any
> > > significant implications, since it currently is completely prefix
> free. I
> > > imagine it'd be zwl_presentation1 and zwl_presentation_feedback1 in a
> > > presentation-timing-unstable-v1(.xml) protocol.
> > >
> > > The problem is the rest of the protocols, since they all already have
> the
> > > intended stable names. This means we cannot apply a naming schema that
> > > intends
> > > to finally remove the prefix and postfix when declaring stable, since
> that
> > > would collide with the initial name. How to deal with these names
> needs to
> > > be
> > > decided, and probably so protocol by protocol.
> > >
> > > scalar.xml: As far as I know, Pekka has plans to change scalar.xml, and
> > > plan to
> > > do so with a name change. So as far as I understand, we need to rename
> this
> > > one.
> > >
> > > input-method.xml: This one I think might actually be fine to just
> apply the
> > > naming schema, as the protocol itself has Wayland core principle
> violations
> > > that need to be solved, i.e. any implementor of this is already broken
> (by
> > > principle).
> > >
> > >
> > Since it's broken by principle, can't input-method.xml be marked as
> > deprecated (e.g. by implementing/using top-level deprecated attribute ) ?
> > Then leave it in weston as weston-specific protocol, that generates
> > deprecation warnings during compilation and maybe when used by clients
> > connecting to weston; and in wayland-protocols add new protocol that's
> not
> > broken by principle (but may be based on input-method).
>
> Not sure what you mean with top-level deprecated attribute (attributes
> on some C code? or disable the text-backend by default whith a warning
> if its enabled?).


I meant adding deprecated attribute to top-level  element in .xml
file, that would instruct
wayland scanner to generate deprecated attributes for every interface
that's defined in this xml file.

If we disable it by default we'd just break third
> party clients (and can just as well move and rename), and I don't think
> we should have compiler warning by default.
>
>
I didn't mean disabling it - just generate deprecation warning at runtime
(in weston) and compile time when client uses deprecated protocol.

I don't know if it should be deprecated though; the broken-ness is that
> it breaks the single-origin of object factories because it creates a
> wl_keyboard, but that can be fixed.
>
>
Will the fix most likely break existing clients ?
If yes - do we care about that (since protocol is not yet stable, we don't
have to) ? If yes - IMO current input-method should be deprecated, left in
weston (as weston-specific) and new protocol created in wayland-protocols.
In all other situations - input-method.xml should be fixed, 'z' prefix
added and such modified protocol mov

Re: State of Wayland protocol development

[Mariusz Ceier]

;
> > >> > [0] https://github.com/jadahl/wayland-protocols (only on github for
> > >> > demonstration)
> > >> > [1]
> https://github.com/jadahl/weston/commit/caf37bb527740b5792260deaabc1ce33678351e5
> > >>
> > >> The idea of the Weston patch looks good to me too.
> > >>
> > >> However, could we use git submodule to automate the fetching or a
> > >> recent-enough revision of wayland-protocols? It might prevent some
> > >> weston FTBFS questions, when we depend on unreleased versions. Or was
> > >> the idea to release wayland-protocols often enough so we could always
> > >> just rely on the pkg-config version check in configure.ac? That would
> > >> be fine too.
> > >
> > > I don't think we should restrict ourself to using it as a git
> submodule.
> > > It would for example not be possible if you use Mercurial or some other
> > > version control system (SDL comes to mind as an example of that).
> > > Releases could be made on-demand, meaning it wouldn't be a problem for
> > > weston to depend on a particular version.
> > >
> > > I'd also expect weston master to depend on wayland master as well as
> > > wayland-protocols master, far that matter.
> >
> > Agreed, but indeed that doesn't preclude Weston from using it as a git
> > submodule - just as long as we're considerate of other users who will
> > need releases.
>
> True. Not that I see the actual point though (I only see the installing
> being less tested).
>
> >
> > Thanks a lot for doing this Jonas; it sounds good to me. How about we:
> >   - wait until Monday or Tuesday to see if anyone can pick concrete
> > holes in this proposal
>
> AFAIU Wayland development is the least active on weekends so can just
> wait for some more days so work-days contributors have the time to
> react.
>
>   - if none, I can create the repository then, with the usual Wayland ACL
> >   - patch Weston master to include protocols as a submodule
> >   - patch Weston to move its development protocols (xdg-shell,
> > linux-dmabuf, presentation_timing, scaler) to protocols
> >   - go ahead and commit the protocols you and Carlos have been working
> > on (gestures, pointer-lock/rel-pointer, new DnD)
> >   - document all of the above
>
> Sounds like a plan to me, except the DND changes poke at wayland.xml and
> moving wayland.xml into wayland-protocols/ is not something I've thought
> very much about. Should we?
>
> >
> > I'll ack the Weston patches as long as they pass distcheck, and you
> > can then just commit them directly.
> >
> > Cheers,
> > Daniel
>
>
> Jonas
>


Mariusz Ceier
___
wayland-devel mailing list
wayland-devel@lists.freedesktop.org
http://lists.freedesktop.org/mailman/listinfo/wayland-devel

Re: [PATCH wayland 1/2] tests: C++ compilation test

[Mariusz Ceier]

Hi,

On 19 December 2014 at 15:20, Marek Chalupa mchqwe...@gmail.com wrote:

 Hi,

 git tells me that this patch adds white space error (new line before EOF)



On 15 December 2014 at 11:33, Mariusz Ceier mceier+wayl...@gmail.com
 wrote:

 This test includes one of wayland headers, which produced
 error with C++ compiler. C compiler can't be used for this test,
 because it issues only a warning[1] and only when wayland headers
 are not installed in system headers path (/usr/include).

 [1] wayland-server-protocol.h:201:2: warning: implicit declaration of
 function ‘wl_resource_post_event’

 Signed-off-by: Mariusz Ceier mceier+wayl...@gmail.com
 ---
  Makefile.am| 4 +++-
  configure.ac   | 1 +
  tests/cpp-compile-test.cpp | 5 +
  3 files changed, 9 insertions(+), 1 deletion(-)
  create mode 100644 tests/cpp-compile-test.cpp

 diff --git a/Makefile.am b/Makefile.am
 index 1551762..ea9ffc1 100644
 --- a/Makefile.am
 +++ b/Makefile.am
 @@ -128,7 +128,8 @@ TESTS = \
 queue-test  \
 signal-test \
 resources-test  \
 -   message-test
 +   message-test\
 +   cpp-compile-test

  check_PROGRAMS =   \
 $(TESTS)\
 @@ -180,6 +181,7 @@ resources_test_SOURCES = tests/resources-test.c
  resources_test_LDADD = libtest-runner.la
  message_test_SOURCES = tests/message-test.c
  message_test_LDADD = libtest-runner.la
 +cpp_compile_test_SOURCES = tests/cpp-compile-test.cpp

  fixed_benchmark_SOURCES = tests/fixed-benchmark.c
  fixed_benchmark_LDADD = libtest-runner.la
 diff --git a/configure.ac b/configure.ac
 index 12dd94c..a5f7e61 100644
 --- a/configure.ac
 +++ b/configure.ac
 @@ -25,6 +25,7 @@ AM_INIT_AUTOMAKE([1.11 foreign no-dist-gzip dist-xz
 subdir-objects])
  AM_SILENT_RULES([yes])

  # Check for programs
 +AC_PROG_CXX


 I'm think Wayland should be capable to compile without errors even without
 C++ compiler.
 Shouldn't we have some checks here (later in the code) to disable the
 cpp-test if the C++ compiler is not present in the environment?


I think that may be tricky, and I'm not sure how to do this properly.
This thread may be relevant:
http://lists.gnu.org/archive/html/bug-autoconf/2010-05/msg1.html


  AC_PROG_CC

  # Initialize libtool
 diff --git a/tests/cpp-compile-test.cpp b/tests/cpp-compile-test.cpp
 new file mode 100644
 index 000..1e84e63
 --- /dev/null
 +++ b/tests/cpp-compile-test.cpp
 @@ -0,0 +1,5 @@
 +/* This source should compile fine with C++ compiler */
 +#include wayland-server-protocol.h
 +
 +int main() { return 0; }


 This should not be in-lined, but I think in this case it doesn't matter at
 all, so OK.


 +
 --
 2.1.3

 ___
 wayland-devel mailing list
 wayland-devel@lists.freedesktop.org
 http://lists.freedesktop.org/mailman/listinfo/wayland-devel


 Thanks,
 Marek

___
wayland-devel mailing list
wayland-devel@lists.freedesktop.org
http://lists.freedesktop.org/mailman/listinfo/wayland-devel

Re: [RFC wayland] cpp-test: check for C++ compiler

[Mariusz Ceier]

This won't work when there's C++ compiler but no 'which', but I think
that's ok, since it only affects 1 test.

Reviewed-by: Mariusz Ceier mceier+wayl...@gmail.com

On 19 December 2014 at 17:40, Marek Chalupa mchqwe...@gmail.com wrote:

 Do not try to build it if no C++ compiler is present

 Signed-off-by: Marek Chalupa mchqwe...@gmail.com
 ---
  Makefile.am  | 10 --
  configure.ac | 13 -
  2 files changed, 20 insertions(+), 3 deletions(-)

 diff --git a/Makefile.am b/Makefile.am
 index ea9ffc1..43b741a 100644
 --- a/Makefile.am
 +++ b/Makefile.am
 @@ -128,8 +128,11 @@ TESTS =\
 queue-test  \
 signal-test \
 resources-test  \
 -   message-test\
 -   cpp-compile-test
 +   message-test
 +
 +if ENABLE_CPP_TEST
 +TESTS += cpp-compile-test
 +endif

  check_PROGRAMS =   \
 $(TESTS)\
 @@ -181,7 +184,10 @@ resources_test_SOURCES = tests/resources-test.c
  resources_test_LDADD = libtest-runner.la
  message_test_SOURCES = tests/message-test.c
  message_test_LDADD = libtest-runner.la
 +
 +if ENABLE_CPP_TEST
  cpp_compile_test_SOURCES = tests/cpp-compile-test.cpp
 +endif

  fixed_benchmark_SOURCES = tests/fixed-benchmark.c
  fixed_benchmark_LDADD = libtest-runner.la
 diff --git a/configure.ac b/configure.ac
 index a5f7e61..0822d39 100644
 --- a/configure.ac
 +++ b/configure.ac
 @@ -25,8 +25,19 @@ AM_INIT_AUTOMAKE([1.11 foreign no-dist-gzip dist-xz
 subdir-objects])
  AM_SILENT_RULES([yes])

  # Check for programs
 -AC_PROG_CXX
  AC_PROG_CC
 +AC_PROG_CXX
 +
 +# check if we have C++ compiler. This is hacky workaround,
 +# for a reason why it is this way see
 +# http://lists.gnu.org/archive/html/bug-autoconf/2010-05/msg1.html
 +have_cpp_compiler=yes
 +
 +if ! which $CXX /dev/null; then
 +   have_cpp_compiler=no
 +fi
 +
 +AM_CONDITIONAL(ENABLE_CPP_TEST, test x$have_cpp_compiler = xyes)

  # Initialize libtool
  LT_PREREQ([2.2])
 --
 2.1.0

 ___
 wayland-devel mailing list
 wayland-devel@lists.freedesktop.org
 http://lists.freedesktop.org/mailman/listinfo/wayland-devel

___
wayland-devel mailing list
wayland-devel@lists.freedesktop.org
http://lists.freedesktop.org/mailman/listinfo/wayland-devel

[PATCH wayland 2/2] scanner: Fix header generatation for server protocols

[Mariusz Ceier]

Server protocols headers should include wayland-server.h,
instead of wayland-util.h. Otherwise they're not useable
with C++ compiler unless wayland-server.h was included
earlier.

Signed-off-by: Mariusz Ceier mceier+wayl...@gmail.com
---
 src/scanner.c | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/src/scanner.c b/src/scanner.c
index ca03c57..1f1e59a 100644
--- a/src/scanner.c
+++ b/src/scanner.c
@@ -1002,7 +1002,7 @@ emit_header(struct protocol *protocol, enum side side)
   struct wl_resource;\n\n,
   protocol-uppercase_name, s,
   protocol-uppercase_name, s,
-  (side == SERVER) ? wayland-util.h : wayland-client.h);
+  (side == SERVER) ? wayland-server.h : wayland-client.h);
 
wl_list_for_each(i, protocol-interface_list, link)
printf(struct %s;\n, i-name);
-- 
2.1.3

___
wayland-devel mailing list
wayland-devel@lists.freedesktop.org
http://lists.freedesktop.org/mailman/listinfo/wayland-devel

[PATCH wayland 1/2] tests: C++ compilation test

[Mariusz Ceier]

This test includes one of wayland headers, which produced
error with C++ compiler. C compiler can't be used for this test,
because it issues only a warning[1] and only when wayland headers
are not installed in system headers path (/usr/include).

[1] wayland-server-protocol.h:201:2: warning: implicit declaration of function 
‘wl_resource_post_event’

Signed-off-by: Mariusz Ceier mceier+wayl...@gmail.com
---
 Makefile.am| 4 +++-
 configure.ac   | 1 +
 tests/cpp-compile-test.cpp | 5 +
 3 files changed, 9 insertions(+), 1 deletion(-)
 create mode 100644 tests/cpp-compile-test.cpp

diff --git a/Makefile.am b/Makefile.am
index 1551762..ea9ffc1 100644
--- a/Makefile.am
+++ b/Makefile.am
@@ -128,7 +128,8 @@ TESTS = \
queue-test  \
signal-test \
resources-test  \
-   message-test
+   message-test\
+   cpp-compile-test
 
 check_PROGRAMS =   \
$(TESTS)\
@@ -180,6 +181,7 @@ resources_test_SOURCES = tests/resources-test.c
 resources_test_LDADD = libtest-runner.la
 message_test_SOURCES = tests/message-test.c
 message_test_LDADD = libtest-runner.la
+cpp_compile_test_SOURCES = tests/cpp-compile-test.cpp
 
 fixed_benchmark_SOURCES = tests/fixed-benchmark.c
 fixed_benchmark_LDADD = libtest-runner.la
diff --git a/configure.ac b/configure.ac
index 12dd94c..a5f7e61 100644
--- a/configure.ac
+++ b/configure.ac
@@ -25,6 +25,7 @@ AM_INIT_AUTOMAKE([1.11 foreign no-dist-gzip dist-xz 
subdir-objects])
 AM_SILENT_RULES([yes])
 
 # Check for programs
+AC_PROG_CXX
 AC_PROG_CC
 
 # Initialize libtool
diff --git a/tests/cpp-compile-test.cpp b/tests/cpp-compile-test.cpp
new file mode 100644
index 000..1e84e63
--- /dev/null
+++ b/tests/cpp-compile-test.cpp
@@ -0,0 +1,5 @@
+/* This source should compile fine with C++ compiler */
+#include wayland-server-protocol.h
+
+int main() { return 0; }
+
-- 
2.1.3

___
wayland-devel mailing list
wayland-devel@lists.freedesktop.org
http://lists.freedesktop.org/mailman/listinfo/wayland-devel

[PATCH wayland v2 2/2] scanner: Fix header generation for server protocols

[Mariusz Ceier]

Server protocols headers should include wayland-server.h,
instead of wayland-util.h. Otherwise they're not useable
with C++ compiler unless wayland-server.h was included
earlier.

Signed-off-by: Mariusz Ceier mceier+wayl...@gmail.com
---

Notes:
v2: s/generatation/generation/

 src/scanner.c | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/src/scanner.c b/src/scanner.c
index ca03c57..1f1e59a 100644
--- a/src/scanner.c
+++ b/src/scanner.c
@@ -1002,7 +1002,7 @@ emit_header(struct protocol *protocol, enum side side)
   struct wl_resource;\n\n,
   protocol-uppercase_name, s,
   protocol-uppercase_name, s,
-  (side == SERVER) ? wayland-util.h : wayland-client.h);
+  (side == SERVER) ? wayland-server.h : wayland-client.h);
 
wl_list_for_each(i, protocol-interface_list, link)
printf(struct %s;\n, i-name);
-- 
2.1.3

___
wayland-devel mailing list
wayland-devel@lists.freedesktop.org
http://lists.freedesktop.org/mailman/listinfo/wayland-devel

Re: [PATCH weston] Destroy resources when destroying an output

[Mariusz Ceier]

Hi,
   I sent similar patch in the past, and this reply from Pekka may be
still relevant:
http://lists.freedesktop.org/archives/wayland-devel/2013-December/012691.html

Mariusz Ceier


On 8 May 2014 19:38, Neil Roberts n...@linux.intel.com wrote:
 When an output is destroyed it now also destroys any resources that
 were pointing to it. Otherwise if the resource is destroyed after the
 output then the resource would try to remove itself from the resource
 list but the head of the resource list would no longer be valid and it
 would write to invalid memory.

 This was found using Valgrind. It looks like there is a similar
 problem for weston_pointer_destroy and in that case there is even a
 comment suggesting we should do something about it.

 https://bugs.freedesktop.org/show_bug.cgi?id=78415
 ---
  src/compositor.c | 5 +
  1 file changed, 5 insertions(+)

 diff --git a/src/compositor.c b/src/compositor.c
 index cd1ca9a..4162315 100644
 --- a/src/compositor.c
 +++ b/src/compositor.c
 @@ -3110,6 +3110,8 @@ weston_compositor_remove_output(struct 
 weston_compositor *compositor,
  WL_EXPORT void
  weston_output_destroy(struct weston_output *output)
  {
 +   struct wl_resource *resource, *tmp;
 +
 output-destroying = 1;

 weston_compositor_remove_output(output-compositor, output);
 @@ -3124,6 +3126,9 @@ weston_output_destroy(struct weston_output *output)
 output-compositor-output_id_pool = ~(1  output-id);

 wl_global_destroy(output-global);
 +
 +   wl_resource_for_each_safe(resource, tmp, output-resource_list)
 +   wl_resource_destroy(resource);
  }

  static void
 --
 1.9.0

 ___
 wayland-devel mailing list
 wayland-devel@lists.freedesktop.org
 http://lists.freedesktop.org/mailman/listinfo/wayland-devel
___
wayland-devel mailing list
wayland-devel@lists.freedesktop.org
http://lists.freedesktop.org/mailman/listinfo/wayland-devel

[PATCH weston] Don't include xserver-server-protocol.h

[Mariusz Ceier]

It was removed in 757d8aff2757387bcd594e2ee2a27055b366eac3,
along with xserver protocol.

Signed-off-by: Mariusz Ceier mceier+wayl...@gmail.com
---
 xwayland/dnd.c| 1 -
 xwayland/launcher.c   | 1 -
 xwayland/window-manager.c | 1 -
 3 files changed, 3 deletions(-)

diff --git a/xwayland/dnd.c b/xwayland/dnd.c
index daeb08d..f0f2457 100644
--- a/xwayland/dnd.c
+++ b/xwayland/dnd.c
@@ -37,7 +37,6 @@
 
 #include cairo-util.h
 #include compositor.h
-#include xserver-server-protocol.h
 #include hash.h
 
 static void
diff --git a/xwayland/launcher.c b/xwayland/launcher.c
index f37cbe4..f0a87f5 100644
--- a/xwayland/launcher.c
+++ b/xwayland/launcher.c
@@ -33,7 +33,6 @@
 #include signal.h
 
 #include xwayland.h
-#include xserver-server-protocol.h
 
 
 static int
diff --git a/xwayland/window-manager.c b/xwayland/window-manager.c
index c8810a9..7a042e5 100644
--- a/xwayland/window-manager.c
+++ b/xwayland/window-manager.c
@@ -38,7 +38,6 @@
 
 #include cairo-util.h
 #include compositor.h
-#include xserver-server-protocol.h
 #include hash.h
 
 struct wm_size_hints {
-- 
1.9.1

___
wayland-devel mailing list
wayland-devel@lists.freedesktop.org
http://lists.freedesktop.org/mailman/listinfo/wayland-devel

[PATCH] [weston] Don't crash when eglCreateContext fails

[Mariusz Ceier]

eglCreateContext fails with every EGLConfig that
nvidia blob 334.16 provides causing NULL pointer
dereference in gl_renderer_destroy when destroying
fragment and fan bindings.

This should fix #74699.

Signed-off-by: Mariusz Ceier mceier+wayl...@gmail.com
---
 src/gl-renderer.c | 6 --
 1 file changed, 4 insertions(+), 2 deletions(-)

diff --git a/src/gl-renderer.c b/src/gl-renderer.c
index d03bce6..76325f4 100644
--- a/src/gl-renderer.c
+++ b/src/gl-renderer.c
@@ -1766,8 +1766,10 @@ gl_renderer_destroy(struct weston_compositor *ec)
wl_array_release(gr-vertices);
wl_array_release(gr-vtxcnt);
 
-   weston_binding_destroy(gr-fragment_binding);
-   weston_binding_destroy(gr-fan_binding);
+   if (gr-fragment_binding)
+   weston_binding_destroy(gr-fragment_binding);
+   if (gr-fan_binding)
+   weston_binding_destroy(gr-fan_binding);
 
free(gr);
 }
-- 
1.8.5.4

___
wayland-devel mailing list
wayland-devel@lists.freedesktop.org
http://lists.freedesktop.org/mailman/listinfo/wayland-devel

Re: [PATCH wayland] tests/resources-test: Fix wl_resource_post_event call

[Mariusz Ceier]

I think both patches (and original code too obviously) are wrong -
WL_DISPLAY_ERROR (opcode 0) event has signature ous, so Quentin
patch calls event with too many arguments and ignores types, and Marek
patch calls event with too few arguments and incorrect type for the
second argument.
Imo, correct invocation should be either:
  wl_resource_post_event(res, WL_DISPLAY_ERROR, res,
WL_DISPLAY_ERROR_INVALID_OBJECT,This error will be ignored);
or
  wl_resource_post_event(res, WL_DISPLAY_ERROR, NULL,
WL_DISPLAY_ERROR_INVALID_OBJECT,This error will be ignored);
am I right ?


On 6 January 2014 14:59, Marek Ch mchqwe...@gmail.com wrote:
 The call is wrong, I posted it here:
 http://lists.freedesktop.org/archives/wayland-devel/2013-November/012141.html
 But without any reaction. Good that somobody else renewed it :)

 On 05/01/2014, Quentin Glidic sardemff7+wayl...@sardemff7.net wrote:
 From: Quentin Glidic sardemff7+...@sardemff7.net

 Signed-off-by: Quentin Glidic sardemff7+...@sardemff7.net
 ---

 I do not know if this call is wrong of this the test just reveals a bug but
 without this, the wl_resource_post_event_array is called with random values

  tests/resources-test.c | 2 +-
  1 file changed, 1 insertion(+), 1 deletion(-)

 diff --git a/tests/resources-test.c b/tests/resources-test.c
 index d7a428a..2428964 100644
 --- a/tests/resources-test.c
 +++ b/tests/resources-test.c
 @@ -108,7 +108,7 @@ TEST(destroy_res_tst)
   wl_resource_add_destroy_listener(res, destroy_listener);

   /* without implementation this should be ignored .. */
 - wl_resource_post_event(res, 0);
 + wl_resource_post_event(res, 0, 0, 0, 0, 0);

   id = wl_resource_get_id(res);
   link = wl_resource_get_link(res);
 --
 1.8.5.2

 ___
 wayland-devel mailing list
 wayland-devel@lists.freedesktop.org
 http://lists.freedesktop.org/mailman/listinfo/wayland-devel

 ___
 wayland-devel mailing list
 wayland-devel@lists.freedesktop.org
 http://lists.freedesktop.org/mailman/listinfo/wayland-devel
___
wayland-devel mailing list
wayland-devel@lists.freedesktop.org
http://lists.freedesktop.org/mailman/listinfo/wayland-devel

[PATCH] Destroy resources when destroying input and output

[Mariusz Ceier]

Some structures containing resources list are freed before resources
on that list are destroyed, and that triggers invalid read/write
in compositor.c:3103 indirectly called from text-backend.c:938
when running weston under valgrind.

This patch destroys resources on these lists before such
structures are freed.

That fixes at least x11 and freerds backend.

Signed-off-by: Mariusz Ceier mceier+wayl...@gmail.com
---
 src/compositor.c |  4 
 src/input.c  | 15 ---
 2 files changed, 16 insertions(+), 3 deletions(-)

diff --git a/src/compositor.c b/src/compositor.c
index ff0f3ab..a4077e8 100644
--- a/src/compositor.c
+++ b/src/compositor.c
@@ -3183,6 +3183,7 @@ weston_compositor_verify_pointers(struct 
weston_compositor *ec)
 WL_EXPORT void
 weston_output_destroy(struct weston_output *output)
 {
+   struct wl_resource *resource, *next_resource;
output-destroying = 1;
 
weston_compositor_remove_output(output-compositor, output);
@@ -3192,6 +3193,9 @@ weston_output_destroy(struct weston_output *output)
 
wl_signal_emit(output-destroy_signal, output);
 
+   wl_resource_for_each_safe(resource, next_resource, 
output-resource_list)
+   wl_resource_destroy(resource);
+
free(output-name);
pixman_region32_fini(output-region);
pixman_region32_fini(output-previous_damage);
diff --git a/src/input.c b/src/input.c
index 07e9d6c..062a2cb 100644
--- a/src/input.c
+++ b/src/input.c
@@ -471,10 +471,13 @@ weston_pointer_create(struct weston_seat *seat)
 WL_EXPORT void
 weston_pointer_destroy(struct weston_pointer *pointer)
 {
+   struct wl_resource *resource, *next_resource;
+
if (pointer-sprite)
pointer_unmap_sprite(pointer);
 
-   /* XXX: What about pointer-resource_list? */
+   wl_resource_for_each_safe(resource, next_resource, 
pointer-resource_list)
+   wl_resource_destroy(resource);
 
wl_list_remove(pointer-focus_resource_listener.link);
wl_list_remove(pointer-focus_view_listener.link);
@@ -520,7 +523,7 @@ weston_xkb_info_destroy(struct weston_xkb_info *xkb_info);
 WL_EXPORT void
 weston_keyboard_destroy(struct weston_keyboard *keyboard)
 {
-   /* XXX: What about keyboard-resource_list? */
+   struct wl_resource *resource, *next_resource;
 
 #ifdef ENABLE_XKBCOMMON
if (keyboard-seat-compositor-use_xkbcommon) {
@@ -533,6 +536,9 @@ weston_keyboard_destroy(struct weston_keyboard *keyboard)
}
 #endif
 
+   wl_resource_for_each_safe(resource, next_resource, 
keyboard-resource_list)
+   wl_resource_destroy(resource);
+
wl_array_release(keyboard-keys);
wl_list_remove(keyboard-focus_resource_listener.link);
free(keyboard);
@@ -570,7 +576,10 @@ weston_touch_create(void)
 WL_EXPORT void
 weston_touch_destroy(struct weston_touch *touch)
 {
-   /* XXX: What about touch-resource_list? */
+   struct wl_resource *resource, *next_resource;
+
+   wl_resource_for_each_safe(resource, next_resource, 
touch-resource_list)
+   wl_resource_destroy(resource);
 
wl_list_remove(touch-focus_view_listener.link);
wl_list_remove(touch-focus_resource_listener.link);
-- 
1.8.5.2

___
wayland-devel mailing list
wayland-devel@lists.freedesktop.org
http://lists.freedesktop.org/mailman/listinfo/wayland-devel

Re: [PATCH 1/1] Add a FreeRds backend, take 3

[Mariusz Ceier]

 2) When using windows remote desktop client, weston exits after
 accepting connection due to SIGPIPE signal. Here's backtrace:
 ==31717==
 ==31717== Process terminating with default action of signal 13 (SIGPIPE)
 ==31717==at 0x6080AD0: __write_nocancel (syscall-template.S:81)
 ==31717==by 0x6A3C156: freerds_send_stream (compositor-freerds.c:130)
 ==31717==by 0x6A3C4A4: freerds_refresh_region
 (compositor-freerds.c:186)
 ==31717==by 0x6A3DA19: freerds_treat_message
 (compositor-freerds.c:821)
 ==31717==by 0x6A3DF0A: freerds_client_activity
 (compositor-freerds.c:920)
 ==31717==by 0x4E3D7F7: wl_event_source_fd_dispatch (event-loop.c:86)
 ==31717==by 0x4E3E1A8: wl_event_loop_dispatch (event-loop.c:421)
 ==31717==by 0x4E3BFEC: wl_display_run (wayland-server.c:961)
 ==31717==by 0x411C3F: main (compositor.c:4242)

 I can provide more detailed logs, if anyone is interested.


 Yes please send them.

I uploaded them here: https://github.com/mceier/weston-logs
These are complete logs from valgrind and gdb, for 4 different tests.
Tests have (very) short description in README.

 Regards, thanks for testing and the feedback.

 --
 David FORT
 website: http://www.hardening-consulting.com/
___
wayland-devel mailing list
wayland-devel@lists.freedesktop.org
http://lists.freedesktop.org/mailman/listinfo/wayland-devel

[PATCH] Add missing return

[Mariusz Ceier]

Signed-off-by: Mariusz Ceier mceier+wayl...@gmail.com
---
 src/data-device.c | 1 +
 1 file changed, 1 insertion(+)

diff --git a/src/data-device.c b/src/data-device.c
index ec3df33..8de5063 100644
--- a/src/data-device.c
+++ b/src/data-device.c
@@ -393,6 +393,7 @@ weston_seat_start_drag(struct weston_seat *seat,
weston_pointer_set_focus(seat-pointer, NULL,
 wl_fixed_from_int(0), wl_fixed_from_int(0));
weston_pointer_start_grab(seat-pointer, drag-grab);
+   return 0;
 }
 
 static void
-- 
1.8.3.2

___
wayland-devel mailing list
wayland-devel@lists.freedesktop.org
http://lists.freedesktop.org/mailman/listinfo/wayland-devel

Re: [PATCH weston] window: fix NULL pointer dereference

[Mariusz Ceier]

I used attached program to trigger it - it's modified fullscreen.c client
with 2 subsurfaces.
When I run it, press 'f' to make the main surface fullscreen and move
pointer over blue border, I get the crash.




On 16 July 2013 18:59, Rob Bradford robert.bradf...@intel.com wrote:

 On 16 July 2013 01:25, Mariusz Ceier mceier+wayl...@gmail.com wrote:
 
  NULL pointer dereference happens when input-focus_widget == NULL
  and input-grab == NULL.
 

 I worry this is working around the problem rather than addressing the
 root cause. Why are we getting NULL for the focus_widget?

 What steps did you take to generate a segfault here? Perhaps you could
 open a bug

 Rob

/*
 * Copyright © 2008 Kristian Høgsberg
 * Copyright © 2012 Intel Corporation
 *
 * Permission to use, copy, modify, distribute, and sell this software and its
 * documentation for any purpose is hereby granted without fee, provided that
 * the above copyright notice appear in all copies and that both that copyright
 * notice and this permission notice appear in supporting documentation, and
 * that the name of the copyright holders not be used in advertising or
 * publicity pertaining to distribution of the software without specific,
 * written prior permission.  The copyright holders make no representations
 * about the suitability of this software for any purpose.  It is provided as
 * is without express or implied warranty.
 *
 * THE COPYRIGHT HOLDERS DISCLAIM ALL WARRANTIES WITH REGARD TO THIS SOFTWARE,
 * INCLUDING ALL IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS, IN NO
 * EVENT SHALL THE COPYRIGHT HOLDERS BE LIABLE FOR ANY SPECIAL, INDIRECT OR
 * CONSEQUENTIAL DAMAGES OR ANY DAMAGES WHATSOEVER RESULTING FROM LOSS OF USE,
 * DATA OR PROFITS, WHETHER IN AN ACTION OF CONTRACT, NEGLIGENCE OR OTHER
 * TORTIOUS ACTION, ARISING OUT OF OR IN CONNECTION WITH THE USE OR PERFORMANCE
 * OF THIS SOFTWARE.
 */

#include stdint.h
#include stdio.h
#include stdlib.h
#include stdarg.h
#include string.h
#include math.h
#include cairo.h

#include linux/input.h
#include wayland-client.h
#include window.h

struct fullscreen {
	struct display *display;
	struct window *window;
	struct widget *widget;
	struct widget *red_subsurface;
	struct widget *green_subsurface;
	int width, height;
	int fullscreen;
	float pointer_x, pointer_y;
	enum wl_shell_surface_fullscreen_method fullscreen_method;
};

static void
fullscreen_handler(struct window *window, void *data)
{
	struct fullscreen *fullscreen = data;

	fullscreen-fullscreen ^= 1;
	window_set_fullscreen(window, fullscreen-fullscreen);
}

static void
resize_handler(struct widget *widget, int width, int height, void *data)
{
	struct fullscreen *fullscreen = data;

	widget_set_size(widget, fullscreen-width, fullscreen-height);
}

static void
draw_string(cairo_t *cr,
	const char *fmt, ...)
{
	char buffer[4096];
	char *p, *end;
	va_list argp;
	cairo_text_extents_t text_extents;
	cairo_font_extents_t font_extents;

	cairo_save(cr);

	cairo_select_font_face(cr, sans,
			   CAIRO_FONT_SLANT_NORMAL,
			   CAIRO_FONT_WEIGHT_NORMAL);
	cairo_set_font_size(cr, 14);

	cairo_font_extents (cr, font_extents);

	va_start(argp, fmt);

	vsnprintf(buffer, sizeof(buffer), fmt, argp);

	p = buffer;
	while (*p) {
		end = strchr(p, '\n');
		if (end)
			*end = 0;

		cairo_show_text(cr, p);
		cairo_text_extents (cr, p, text_extents);
		cairo_rel_move_to (cr, -text_extents.x_advance, font_extents.height);

		if (end)
			p = end + 1;
		else
			break;
	}

	va_end(argp);

	cairo_restore(cr);

}

static void
redraw_handler(struct widget *widget, void *data)
{
	struct fullscreen *fullscreen = data;
	struct rectangle allocation;
	cairo_surface_t *surface;
	cairo_t *cr;
	int i;
	double x, y, border;
	const char *method_name[] = { default, scale, driver, fill };

	surface = window_get_surface(fullscreen-window);
	if (surface == NULL ||
	cairo_surface_status(surface) != CAIRO_STATUS_SUCCESS) {
		fprintf(stderr, failed to create cairo egl surface\n);
		return;
	}

	widget_get_allocation(fullscreen-widget, allocation);

	cr = widget_cairo_create(widget);

	cairo_set_source_rgb(cr, 0, 0, 0);
	cairo_paint (cr);

	cairo_set_source_rgb(cr, 0, 0, 1);
	cairo_set_line_width (cr, 10);
	cairo_rectangle(cr, 5, 5, allocation.width - 10, allocation.height - 10);
	cairo_stroke (cr);

	cairo_move_to(cr,
		  allocation.x + 15,
		  allocation.y + 25);
	cairo_set_source_rgb(cr, 1, 1, 1);

	draw_string(cr,
		Surface size: %d, %d\n
		Scale: %d, transform: %d\n
		Pointer: %f,%f\n
		Fullscreen: %d, method: %s\n
		Keys: (s)cale, (t)ransform, si(z)e, (m)ethod, (f)ullscreen, (q)uit\n,
		fullscreen-width, fullscreen-height,
		window_get_buffer_scale (fullscreen-window),
		window_get_buffer_transform (fullscreen-window),
		fullscreen-pointer_x, fullscreen-pointer_y,
		fullscreen-fullscreen, method_name[fullscreen-fullscreen_method]);

	y = 100;
	i = 0;
	while (y + 60  fullscreen-height) {
		border = (i++ % 2 == 0

[PATCH weston] window: fix NULL pointer dereference

[Mariusz Ceier]

NULL pointer dereference happens when input-focus_widget == NULL
and input-grab == NULL.

Signed-off-by: Mariusz Ceier mceier+wayl...@gmail.com
---
 clients/window.c | 17 ++---
 1 file changed, 10 insertions(+), 7 deletions(-)

diff --git a/clients/window.c b/clients/window.c
index cbfe12f..9933cb9 100644
--- a/clients/window.c
+++ b/clients/window.c
@@ -2819,14 +2819,17 @@ pointer_handle_motion(void *data, struct wl_pointer 
*pointer,
widget = input-grab;
else
widget = input-focus_widget;
-   if (widget  widget-motion_handler)
-   cursor = widget-motion_handler(input-focus_widget,
-   input, time, sx, sy,
-   widget-user_data);
-   else
-   cursor = input-focus_widget-default_cursor;
+   if (widget)
+   {
+   if (widget-motion_handler)
+   cursor = widget-motion_handler(input-focus_widget,
+   input, time, sx, sy,
+   widget-user_data);
+   else
+   cursor = widget-default_cursor;
+   input_set_pointer_image(input, cursor);
+   }
 
-   input_set_pointer_image(input, cursor);
 }
 
 static void
-- 
1.8.3.2

___
wayland-devel mailing list
wayland-devel@lists.freedesktop.org
http://lists.freedesktop.org/mailman/listinfo/wayland-devel

[PATCH wayland] connection: Handle empty signature and signature with just a version.

[Mariusz Ceier]

Functions like wl_argument_from_va_list expect from get_next_argument,
to initialize details-type but when the signature is empty or contains
only version (like in desktop-shell-protocol.c in weston) it is left
uninitialized.

This patch fixes it, by initializing details-type with '\0' value,
signaling end of arguments.

Signed-off-by: Mariusz Ceier mceier+wayl...@gmail.com
---
 src/connection.c | 1 +
 1 file changed, 1 insertion(+)

diff --git a/src/connection.c b/src/connection.c
index 2ca9bce..9bb850c 100644
--- a/src/connection.c
+++ b/src/connection.c
@@ -419,6 +419,7 @@ get_next_argument(const char *signature, struct 
argument_details *details)
details-nullable = 1;
}
}
+   details-type = '\0';
return signature;
 }
 
-- 
1.8.3.2

___
wayland-devel mailing list
wayland-devel@lists.freedesktop.org
http://lists.freedesktop.org/mailman/listinfo/wayland-devel