[PATCH xinit 0/1] startx: Pass -nolisten tcp by default
Hi All,

After doing the 1.3.4 release yesterday, I've started working on updating the Fedora packages to 1.3.4. While looking at our open bug list against xinit, I found one bug which is not yet resolved in 1.3.4.

This patch fixes this, I realize that this is a behavior change, and as such may be a bit controversial, but I really believe that in this day and age -nolisten tcp by default is the right thing to do.

Regards,
Hans

___
xorg-devel@lists.x.org: X.Org development
Archives: http://lists.x.org/archives/xorg-devel
Info: http://lists.x.org/mailman/listinfo/xorg-devel
[PATCH xinit] startx: Pass -nolisten tcp by default
Having servers started by startx listen on tcp by default is not a good idea in this time and age. Pass -nolisten tcp by default, and add a special -listen server option which can be used to disable this new default behavior. Signed-off-by: Hans de Goede hdego...@redhat.com --- man/startx.man | 7 +++ startx.cpp | 5 + 2 files changed, 12 insertions(+) diff --git a/man/startx.man b/man/startx.man index 0405be0..fc2cbc3 100644 --- a/man/startx.man +++ b/man/startx.man @@ -39,6 +39,8 @@ startx \- initialize an X session .I server ] [ .I display +] [ +.I -listen ] .I options \.\|.\|. ] @@ -56,6 +58,11 @@ command are used to start a client in the same manner as The special argument .RB '--' marks the end of client arguments and the beginning of server options. +By default startx passes +.RB '-nolisten\ tcp' +to the server, the special server option +.RB '-listen' +can be used to stop startx from doing this. It may be convenient to specify server options with startx to change on a per-session basis the default color depth, the server's notion of the number of dots-per-inch the diff --git a/startx.cpp b/startx.cpp index 1c6fce0..8612fa6 100644 --- a/startx.cpp +++ b/startx.cpp @@ -60,6 +60,7 @@ defaultdisplay=:0 clientargs= serverargs= vtarg= +listenarg=-nolisten tcp #ifdef __APPLE__ @@ -156,6 +157,8 @@ while [ x$1 != x ]; do if [ x$serverargs = x ] @@ expr $1 : ':[0-9][0-9]*$' /dev/null 21; then display=$1 + elif [ $1 = -listen ]; then + listenarg= else serverargs=$serverargs $1 fi @@ -225,6 +228,8 @@ if [ $have_vtarg = no ]; then serverargs=$serverargs $vtarg fi +serverargs=$serverargs $listenarg + XCOMM if no display, use default if [ x$display = x ]; then display=$defaultdisplay -- 2.1.0 ___ xorg-devel@lists.x.org: X.Org development Archives: http://lists.x.org/archives/xorg-devel Info: http://lists.x.org/mailman/listinfo/xorg-devel
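Review bot: the new man-page sentence in the startx.man hunk at -56,6 does not say that startx consumes '-listen' itself rather than forwarding it to the server, even though the synopsis hunk lists it among the server arguments. Suggest stating that explicitly, and splitting the comma-spliced sentence in two: "By default startx passes '-nolisten tcp' to the server. The special server option '-listen' stops startx from doing this."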
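Review bot: in the startx.cpp argument-loop hunk (-156,6), '-listen' is swallowed by startx and takes no argument, so it can never reach a server that has its own '-listen' option taking a transport name, which is what the os/utils.c patch later in this thread adds. With both applied, 'startx -- -listen tcp' would clear listenarg and hand the server a bare 'tcp'. A startx-specific spelling would avoid the clash. The new test '[ $1 = -listen ]' also drops the 'x$1' prefix guard used by the neighbouring tests.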
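Review bot: 'serverargs=$serverargs $listenarg' in the startx.cpp hunk at -225,6 is appended unconditionally, so serverargs is never empty unless '-listen' was given. Please confirm that nothing running after this point treats a non-empty serverargs as "the user passed server options" (the thread notes that startx ignores xserverrc in that case), and note in the commit message that a wrapper or xserverrc which already passes '-nolisten tcp' will now receive it twice, while one that wants TCP has no way to opt in short of the caller typing '-listen'.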
Re: [PATCH xinit 0/1] startx: Pass -nolisten tcp by default
Hi,

'this day and age'
'this time and age'

Time is good: it allows evolution (or erosion) to slowly happen.
But I for one vote that X11 network transparency remains default.

Cheers,
Colin Harrison
Re: [PATCH xinit 0/1] startx: Pass -nolisten tcp by default
> From: Colin Harrison colin.harri...@virgin.net
> Date: Fri, 12 Sep 2014 09:37:05 +0100
>
> Hi,
>
> 'this day and age'
> 'this time and age'
>
> Time is good: it allows evolution (or erosion) to slowly happen.
> But I for one vote that X11 network transparency remains default.

In this day^H^H^Htime and age sane people would use ssh -X to achieve X11 network transparency though.
Re: [PATCH xinit 0/1] startx: Pass -nolisten tcp by default
> From: Hans de Goede hdego...@redhat.com
> Date: Fri, 12 Sep 2014 09:25:17 +0200
>
> Hi All,
>
> After doing the 1.3.4 release yesterday, I've started working on updating the Fedora packages to 1.3.4. While looking at our open bug list against xinit, I found one bug which is not yet resolved in 1.3.4.
>
> This patch fixes this, I realize that this is a behavior change, and as such may be a bit controversial, but I really believe that in this day and age -nolisten tcp by default is the right thing to do.

You're probably right. However instead of fixing this in each and every bit of code that starts an X server, wouldn't it make more sense to simply change the default in the X server itself and add the -listen option there to override things?
Re: [PATCH xinit 0/1] startx: Pass -nolisten tcp by default
Hi,

On 09/12/2014 11:12 AM, Mark Kettenis wrote:
>> From: Hans de Goede hdego...@redhat.com
>> Date: Fri, 12 Sep 2014 09:25:17 +0200
>>
>> Hi All,
>>
>> After doing the 1.3.4 release yesterday, I've started working on updating the Fedora packages to 1.3.4. While looking at our open bug list against xinit, I found one bug which is not yet resolved in 1.3.4.
>>
>> This patch fixes this, I realize that this is a behavior change, and as such may be a bit controversial, but I really believe that in this day and age -nolisten tcp by default is the right thing to do.
>
> You're probably right. However instead of fixing this in each and every bit of code that starts an X server, wouldn't it make more sense to simply change the default in the X server itself and add the -listen option there to override things?

I was thinking the same thing while working on this patch, the problem is that most bits of code starting the xserver have already been patched to start it with -nolisten tcp, and have their own config file options / cmdline options to override this. Changing the server would break all this, whereas just changing startx keeps all of the existing other xserver starters working.

Regards,
Hans
Re: [PATCH xinit 0/1] startx: Pass -nolisten tcp by default
Hi,

Mark Kettenis wrote:

'use ssh -X to achieve X11 network transparency'

even that is old school... ssh -2 -X is surely the way to go?

Encryption is good when you have control of the keys and protocols used (or know all who can access/use them)...but new school 'Apps' send your personal data, over public networks, without you knowing what is being encrypted, to massive 'potentially Orwellian' data centres.

So I don't think X11 network transparency is much of a threat to your privacy, in 'this time and age', there is an elephant in the room!

Reduction of the established/proven complexity of 'consumer' software potentially forces you to use 'cloud services' or rent on-line software to do real work (just look at the Teletubby GUIs of modern 'consumer' operating systems with their 'swarms' of useless highly intrusive apps)

Fessing up: I have a vested interest in producing X servers for private companies and individuals, not producing databases and servers for huge anonymous data centres!

Cheers,
Colin Harrison
Re: [PATCH xinit 0/1] startx: Pass -nolisten tcp by default
Hi,

On 09/12/2014 02:11 PM, Laurent Bigonville wrote:
> On Fri, 12 Sep 2014 09:25:17 +0200, Hans de Goede hdego...@redhat.com wrote:
>
>> Hi All,
>
> Hello,
>
>> After doing the 1.3.4 release yesterday, I've started working on updating the Fedora packages to 1.3.4. While looking at our open bug list against xinit, I found one bug which is not yet resolved in 1.3.4.
>>
>> This patch fixes this, I realize that this is a behavior change, and as such may be a bit controversial, but I really believe that in this day and age -nolisten tcp by default is the right thing to do.
>
> On Debian we have the -nolisten tcp option set in the system-wide xserverrc file since 2006 at least.

Interesting, note though that startx will ignore xserverrc as soon as any server options, including a display, are passed, so a not untypical usage of:

startx -- :1

Will circumvent this.

> But isn't your patch preventing the user or local admin to explicitly ask to listen on tcp in xserverrc or .xserverrc ?

Which is why the actual commit message of the patch contains:

Pass -nolisten tcp by default, and add a special -listen server option which can be used to disable this new default behavior.

As well as actually doing so, and documenting this in the man page :)

Regards,
Hans
Re: [PATCH xinit 0/1] startx: Pass -nolisten tcp by default
> Date: Fri, 12 Sep 2014 12:17:24 +0200
> From: Hans de Goede hdego...@redhat.com
>
> Hi,
>
> On 09/12/2014 11:12 AM, Mark Kettenis wrote:
>>> From: Hans de Goede hdego...@redhat.com
>>> Date: Fri, 12 Sep 2014 09:25:17 +0200
>>>
>>> Hi All,
>>>
>>> After doing the 1.3.4 release yesterday, I've started working on updating the Fedora packages to 1.3.4. While looking at our open bug list against xinit, I found one bug which is not yet resolved in 1.3.4.
>>>
>>> This patch fixes this, I realize that this is a behavior change, and as such may be a bit controversial, but I really believe that in this day and age -nolisten tcp by default is the right thing to do.
>>
>> You're probably right. However instead of fixing this in each and every bit of code that starts an X server, wouldn't it make more sense to simply change the default in the X server itself and add the -listen option there to override things?
>
> I was thinking the same thing while working on this patch, the problem is that most bits of code starting the xserver have already been patched to start it with -nolisten tcp, and have their own config file options / cmdline options to override this. Changing the server would break all this, whereas just changing startx keeps all of the existing other xserver starters working.

I don't see how this would break things. Just make sure that -nolisten tcp continues to be accepted by the xserver. It will become a no-op of course. Unless perhaps you do something silly as starting the xserver with -listen tcp -nolisten tcp.
Re: [PATCH xinit 0/1] startx: Pass -nolisten tcp by default
Hi,

On 09/12/2014 03:46 PM, Mark Kettenis wrote:
>> Date: Fri, 12 Sep 2014 12:17:24 +0200
>> From: Hans de Goede hdego...@redhat.com
>>
>> Hi,
>>
>> On 09/12/2014 11:12 AM, Mark Kettenis wrote:
>>>> From: Hans de Goede hdego...@redhat.com
>>>> Date: Fri, 12 Sep 2014 09:25:17 +0200
>>>>
>>>> Hi All,
>>>>
>>>> After doing the 1.3.4 release yesterday, I've started working on updating the Fedora packages to 1.3.4. While looking at our open bug list against xinit, I found one bug which is not yet resolved in 1.3.4.
>>>>
>>>> This patch fixes this, I realize that this is a behavior change, and as such may be a bit controversial, but I really believe that in this day and age -nolisten tcp by default is the right thing to do.
>>>
>>> You're probably right. However instead of fixing this in each and every bit of code that starts an X server, wouldn't it make more sense to simply change the default in the X server itself and add the -listen option there to override things?
>>
>> I was thinking the same thing while working on this patch, the problem is that most bits of code starting the xserver have already been patched to start it with -nolisten tcp, and have their own config file options / cmdline options to override this. Changing the server would break all this, whereas just changing startx keeps all of the existing other xserver starters working.
>
> I don't see how this would break things.

User is using e.g. gdm to start the xserver, user wants the server to listen on tcp, has added necessary gdm magic to not make gdm pass -nolisten tcp, user all of a sudden gets -nolisten tcp regardless because that is now the default.

Fixing this would require patching gdm, to pass the new -listen option to the server when the user has requested to not pass -nolisten in gdm.conf. And then the same for any other app starting the xserver which already passes -nolisten tcp by default + and has an app specific way to tell the app to not do that.

> Just make sure that -nolisten tcp continues to be accepted by the xserver. It will become a no-op of course.
>
> Unless perhaps you do something silly as starting the xserver with -listen tcp -nolisten tcp.

There is no such option as -listen (at least not according to man Xserver), I've added one to startx, which negates startx's adding of -nolisten tcp

Regards,
Hans
Re: [PATCH xinit] startx: Pass -nolisten tcp by default
Hi,

On 09/12/2014 04:40 PM, Mateusz Jończyk wrote:
> On 12.09.2014 at 09:25, Hans de Goede wrote:
>> Having servers started by startx listen on tcp by default is not a good idea in this time and age.
>>
>> Pass -nolisten tcp by default, and add a special -listen server option which can be used to disable this new default behavior.
>>
>> Signed-off-by: Hans de Goede hdego...@redhat.com
>> ---
>> man/startx.man | 7 +++
>> startx.cpp | 5 +
>> 2 files changed, 12 insertions(+)
>
> Hello,
>
> This may generate a security threat in case some people will assume that xinit uses -nolisten tcp by default and then do not pass this parameter on the command line. When that code will run with an older XServer version, it will expose the X Server on a network.

I don't think that adding warnings for security issues in older versions to man-pages is a good idea. If we do that each time we tweak a security related setting for better security by default man pages will become unreadable over time.

Regards,
Hans
Re: [PATCH xinit] startx: Pass -nolisten tcp by default
On 12.09.2014 at 09:25, Hans de Goede wrote:
> Having servers started by startx listen on tcp by default is not a good idea in this time and age.
>
> Pass -nolisten tcp by default, and add a special -listen server option which can be used to disable this new default behavior.
>
> Signed-off-by: Hans de Goede hdego...@redhat.com
> ---
> man/startx.man | 7 +++
> startx.cpp | 5 +
> 2 files changed, 12 insertions(+)

Hello,

This may generate a security threat in case some people will assume that xinit uses -nolisten tcp by default and then do not pass this parameter on the command line. When that code will run with an older XServer version, it will expose the X Server on a network.

This should be at least documented in the man page.

Greetings,
Mateusz Jończyk
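Added example, not part of the thread and not xinit or X server code: rather than assuming which default a given startx or X server applies, the listening state can be checked directly. The shell functions below read text in the Linux /proc/net/tcp layout and report listeners on the X11 ports; the 6000-6063 range (port 6000 + display number), the function names and the sample rows are assumptions made for this illustration.

```sh
#!/bin/sh
# Added example: report TCP sockets in LISTEN state on the X11 port range.
# Input on stdin is text in the Linux /proc/net/tcp (or tcp6) column layout.
# Assumption: display :N listens on TCP port 6000+N, range 6000-6063.

# Constructed sample rows (not captured from a real host):
#   row 0: wildcard listener on 6001, row 1: loopback listener on 631,
#   row 2: established connection on 6000, row 3: loopback listener on 6010.
sample_proc_net_tcp() {
    cat <<'EOF'
  sl  local_address rem_address   st tx_queue rx_queue tr tm->when retrnsmt   uid  timeout inode
   0: 00000000:1771 00000000:0000 0A 00000000:00000000 00:00000000 00000000  1000        0 20001 1 0000000000000000 100 0 0 10 0
   1: 0100007F:0277 00000000:0000 0A 00000000:00000000 00:00000000 00000000     0        0 20002 1 0000000000000000 100 0 0 10 0
   2: 0100007F:1770 0100007F:C350 01 00000000:00000000 00:00000000 00000000  1000        0 20003 1 0000000000000000 20 4 30 10 -1
   3: 0100007F:177A 00000000:0000 0A 00000000:00000000 00:00000000 00000000     0        0 20004 1 0000000000000000 100 0 0 10 0
EOF
}

# Prints one line per listener: ":<display> tcp/<port> <scope>"
#   any      = bound to the wildcard address (reachable unless firewalled)
#   loopback = bound to 127.0.0.1 only
#   addr-HEX = any other bind address, shown as the raw hex field
x11_tcp_listeners() {
    awk '
    function hex2dec(h,    i, n) {
        h = toupper(h); n = 0
        for (i = 1; i <= length(h); i++)
            n = n * 16 + index("0123456789ABCDEF", substr(h, i, 1)) - 1
        return n
    }
    $4 == "0A" {                       # state 0A is LISTEN
        split($2, la, ":")             # la[1] = hex address, la[2] = hex port
        port = hex2dec(la[2])
        if (port < 6000 || port > 6063) next
        if (la[1] ~ /^0+$/)            scope = "any"
        else if (la[1] == "0100007F")  scope = "loopback"
        else                           scope = "addr-" la[1]
        printf ":%d tcp/%d %s\n", port - 6000, port, scope
    }'
}

# Succeeds (exit 0) when at least one X11 port is bound to the wildcard address.
x11_tcp_exposed() {
    x11_tcp_listeners | grep -q ' any$'
}

# Demo on the constructed sample. On a live Linux host:
#   x11_tcp_listeners < /proc/net/tcp
sample_proc_net_tcp | x11_tcp_listeners
```

procfs does not say which process owns a socket, so a loopback-only listener at display :10 or above is typically an sshd X11 forwarding proxy (the `ssh -X` case mentioned in the thread) rather than an X server.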
Re: [PATCH xinit 0/1] startx: Pass -nolisten tcp by default
On 09/12/14 04:54 AM, Colin Harrison wrote:
> So I don't think X11 network transparency is much of a threat to your privacy, in 'this time and age', there is an elephant in the room!

Frankly, privacy of the protocol data is less important to me than the huge number of bugs in our protocol encoding/decoding code. Allowing people to connect to your machine and throw crap at it to trigger all our overflows is simply stupid.

--
-Alan Coopersmith- alan.coopersm...@oracle.com
Oracle Solaris Engineering - http://blogs.oracle.com/alanc
[PATCH libxtrans] Add TRANS(Listen) function to re-enable specific listen sockets
This will allow a server to disable listeners by default and then let later configuration re-enable them. In particular, this lets the X server disable inet and unix listen sockets by default while still providing a '-listen' command line option to re-enable them later on. Signed-off-by: Keith Packard kei...@keithp.com --- Xtrans.c | 25 + Xtrans.h | 4 2 files changed, 29 insertions(+) diff --git a/Xtrans.c b/Xtrans.c index 2880803..bfba1ad 100644 --- a/Xtrans.c +++ b/Xtrans.c @@ -804,6 +804,31 @@ TRANS(NoListen) (const char * protocol) } int +TRANS(Listen) (const char * protocol) +{ + Xtransport *trans; + int i = 0, ret = 0; + + if ((trans = TRANS(SelectTransport)(protocol)) == NULL) + { + prmsg (1,TransListen: unable to find transport: %s\n, + protocol); + + return -1; + } + if (trans-flags TRANS_ALIAS) { + if (trans-nolisten) + while (trans-nolisten[i]) { + ret |= TRANS(Listen)(trans-nolisten[i]); + i++; + } + } + + trans-flags = ~TRANS_NOLISTEN; + return ret; +} + +int TRANS(IsListening) (const char * protocol) { Xtransport *trans; diff --git a/Xtrans.h b/Xtrans.h index 6decc6b..026fbd7 100644 --- a/Xtrans.h +++ b/Xtrans.h @@ -311,6 +311,10 @@ int TRANS(NoListen) ( const char* /* protocol*/ ); +int TRANS(Listen) ( +const char* /* protocol*/ +); + int TRANS(IsListening) ( const char* /* protocol*/ ); -- 2.1.0 ___ xorg-devel@lists.x.org: X.Org development Archives: http://lists.x.org/archives/xorg-devel Info: http://lists.x.org/mailman/listinfo/xorg-devel
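Review bot: TRANS(Listen) in the Xtrans.c hunk only clears TRANS_NOLISTEN on the transport, so it can take effect only if the caller invokes it before the listening sockets are created, and nothing in the patch documents that ordering. For an alias it walks trans->nolisten to decide what to re-enable, which reads backwards without a comment. Suggest a short comment above the function, mirrored at the new Xtrans.h prototype, covering the ordering requirement, the alias handling and the return value (0, or -1 when the transport or any aliased transport cannot be found).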
[PATCH] os: Don't listen to 'tcp' or 'unix' by default. Add '-listen' option.
This disables tcp and unix listen ports by default (the unix port is the non-abstract /tmp/.X11-unix port that xcb doesn't use). Then, it uses a new xtrans interface, TRANS(Listen), to provide a command line option to re-enable those if desired. Signed-off-by: Keith Packard kei...@keithp.com --- os/utils.c | 21 + 1 file changed, 21 insertions(+) diff --git a/os/utils.c b/os/utils.c index c83f77d..ff1806b 100644 --- a/os/utils.c +++ b/os/utils.c @@ -646,6 +646,12 @@ VerifyDisplayName(const char *d) return 1; } +static const char *defaultNoListenList[] = { +tcp, +unix, +NULL +}; + /* * This function parses the command line. Handles device-independent fields * and allows ddx to handle additional fields. It is not allowed to modify @@ -664,6 +670,12 @@ ProcessCommandLine(int argc, char *argv[]) PartialNetwork = TRUE; #endif +for (i = 0; defaultNoListenList[i] != NULL; i++) { +if (_XSERVTransNoListen(defaultNoListenList[i])) +ErrorF(Failed to disable listen for %s transport, + defaultNoListenList[i]); +} + for (i = 1; i argc; i++) { /* call ddx first, so it can peek/override if it wants */ if ((skip = ddxProcessArgument(argc, argv, i))) { @@ -849,6 +861,15 @@ ProcessCommandLine(int argc, char *argv[]) else UseMsg(); } +else if (strcmp(argv[i], -listen) == 0) { +if (++i argc) { +if (_XSERVTransListen(argv[i])) +ErrorF(Failed to enable listen for %s transport, + argv[i]); +} +else +UseMsg(); +} else if (strcmp(argv[i], -noreset) == 0) { dispatchExceptionAtReset = 0; } -- 2.1.0 ___ xorg-devel@lists.x.org: X.Org development Archives: http://lists.x.org/archives/xorg-devel Info: http://lists.x.org/mailman/listinfo/xorg-devel
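Review bot: 'unix' is listed in defaultNoListenList unconditionally in the first os/utils.c hunk. The commit message justifies this by xcb not using the non-abstract /tmp/.X11-unix socket, but on a platform where that socket is the only local transport this default would leave the server with no local listener. Suggest guarding the unix entry with an #ifdef, or leaving it out of the default list until the non-Linux behaviour has been tested.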
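Review bot: in the loop added at the top of ProcessCommandLine, a failure of _XSERVTransNoListen is only logged and startup continues with that transport still enabled; since this loop is what implements the secure default, consider treating the failure as fatal. The ErrorF format string here, and the matching one in the '-listen' branch, also has no trailing newline, so the message will run into the next log line.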
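Review bot: the '-listen' branch adds a user-visible option, but the 21 inserted lines are fully accounted for by the three hunks shown and none of them adds usage or man-page text. Suggest documenting '-listen' next to '-nolisten' in both places. An unknown transport name from argv is only logged via ErrorF; calling UseMsg() on that failure as well would make a mistyped name visible to the user.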
Re: [PATCH xinit 0/1] startx: Pass -nolisten tcp by default
Hans de Goede hdego...@redhat.com writes:

> This patch fixes this, I realize that this is a behavior change, and as such may be a bit controversial, but I really believe that in this day and age -nolisten tcp by default is the right thing to do.

I've posted patches to Xtrans and the X server that disable tcp and unix listener ports by default while providing a '-listen' command line option to re-enable them.

Missing from these patches are a version bump to Xtrans and the associated version check in the X server. If the general form of these patches is acceptable, I'd bump the Xtrans version, do a release, and then make the X server depend on that.

The 'unix' listener port uses a non-abstract socket, /tmp/.X11-unix/X0, which is subject to various security threats, and which xcb and Xlib don't use anymore.

We could make the set of default no-listen ports configurable at compile time if desired.

--
keith.pack...@intel.com
Can't hook into the Double Buffer extension.
I am writing a video driver for which I'd like to support the Double Buffer Extension. However I need to hook some of the calling functions described in xorg/dbestruct.h, especially 'AllocateBackBuffer' and 'SwapBuffers'. However, the only way to access them is via the private key for dbe, and it's not exported.

Am I missing something, or is it really impossible to hook those functions?

--
Stirling Westrup
Programmer, Entrepreneur.
https://www.linkedin.com/e/fpf/77228
http://www.linkedin.com/in/swestrup
http://technaut.livejournal.com
http://sourceforge.net/users/stirlingwestrup
Re: [Intel-gfx] [PATCH 0/2 xf86-video-intel] Two DRI3/Present bug fixes for UXA
On Wednesday, September 10, 2014 02:09:07 PM Keith Packard wrote:
> Here are a couple of small bug fixes which make DRI3/Present work better with UXA.
>
> [PATCH 1/2] Do not clear pending kernel events on mode switch
>
> This patch prevents GL-based compositing managers from wedging when performing video mode setting. The problem was that DIX was never receiving notification about page flips being completed when one was pending across a mode switch.
>
> [PATCH 2/2] Correct BO allocation alignment
>
> This patch makes UXA and Mesa agree about how buffers are allocated for images. Without this, UXA was requiring larger padding, which meant that converting some textures into pixmaps using DRI3 would fail.
>
> -keith

Both are:
Tested-by: Kenneth Graunke kenn...@whitecape.org

I tested them using DRI3/Present + UXA and DRI3/Present + Glamor on Haswell GT3e.

1. Plug external 2560x1440 DisplayPort monitor into laptop.
2. echo 'exec startkde' > ~/.xinitrc
3. startx
4. xrandr --output DP1 --auto

This used to result in DP1 switching to 2560x1440, but KWin getting stuck waiting on a buffer idle event that never came, so you'd only see a 1920x1080 screen in the top left corner of the display, with either black or white bars in the other area. Other than the mouse cursor, nothing worked.

With these patches, X works as expected.

Thanks for the fixes, Keith!
Re: [PATCH] os: Don't listen to 'tcp' or 'unix' by default. Add '-listen' option.
> From: Keith Packard kei...@keithp.com
> Date: Fri, 12 Sep 2014 11:35:41 -0700
>
> This disables tcp and unix listen ports by default (the unix port is the non-abstract /tmp/.X11-unix port that xcb doesn't use). Then, it uses a new xtrans interface, TRANS(Listen), to provide a command line option to re-enable those if desired.

Hi Keith,

Looks like you're on my side of the fence on this issue ;).

Unconditionally disabling the unix listen ports by default might be a step too far. Abstract sockets are only available on Linux. So on other architectures (or at least the ones where LOCALCONN isn't defined) this would leave us with no listen ports at all. I may have gotten lost in the #ifdef maze though...

> Signed-off-by: Keith Packard kei...@keithp.com
> ---
> os/utils.c | 21 +
> 1 file changed, 21 insertions(+)
Re: [PATCH] os: Don't listen to 'tcp' or 'unix' by default. Add '-listen' option.
Mark Kettenis mark.kette...@xs4all.nl writes:

> Looks like you're on my side of the fence on this issue ;).

Absolutely -- TCP connections to X are archaic.

> Unconditionally disabling the unix listen ports by default might be a step too far. Abstract sockets are only available on Linux.

Yes, of course.

> So on other architectures (or at least the ones where LOCALCONN isn't defined) this would leave us with no listen ports at all. I may have gotten lost in the #ifdef maze though...

It's a terrible maze in there; I have no idea whether disabling unix will actually disable local connections on BSD or not; I fear the best way to find out is for you to just run the X server with --nolisten unix and see what happens...

If it's just a linux thing, we can add an #ifdef around the unix entry in the default no listen list.

--
keith.pack...@intel.com
Re: [PATCH 04/18] Three minor warning and whitespace fixes
Eric Anholt e...@anholt.net writes:

> Keith Packard kei...@keithp.com writes:
>
>> Declare a constant string 'const', clean up some indentation whitespace
>
> I'm confused about these whitespace fixes -- the lines surrounding those two are also tabs.

I eliminated the whitespace changes and went ahead and pushed the 'const' change.

--
keith.pack...@intel.com