Wrong version got committed, but wasn't noticed since it only builds
with meson, not autoconf.
Signed-off-by: Alan Coopersmith <alan.coopersmith@oracle.com>
MinGW defines SIG_BLOCK, but doesn't have signal masks, so rather than
checking for SIG_BLOCK, add a configure check for sigprocmask.
v2:
Also add check to meson.build
It can take some time for Xorg to start. If Xorg runs as a systemd
service and other services are based on it, they have no way to
determine when Xorg is really ready to accept requests. Let's use
sd_notify() provided by libsystemd to signal systemd for readiness.
If Xorg has not been started as a systemd service, this won't do
anything.
Signed-off-by: Topi Miettinen <toiwoton@gmail.com>
Differences from autotools:
* Autotools defined NO_ALLOCA for OSX builds. I don't think we need
this anymore as Xalloc.h is no longer used anywhere in the xserver.
* X11.bin is linked with -u,miDCInitialize, and then libserver_mi
provided to satisfy (just) that. It's been that way since the commit
which added it. We can't write the equivalent in meson due to linker
argument ordering issues, but do we really need to?
* An explicit -Dsecure-rpc=false is required for OSX, since in meson we
don't do the checks that XTRANS_SECURE_RPC_FLAGS did for the existence
of the specific RPC functions required.
In the meson build, functions to make up for the shortcomings of libc
are compiled into a separate library. We don't bother making the pixman
headers available (reasonably enough) to this compilation, but they are
required indirectly by dix.h. Just remove this unneeded include.
GetTimeInMillis is called first, which sets clockid to
CLOCK_MONOTONIC_COARSE, which is typically much lower resolution than
the callers of GetTimeInMicros want.
Prior to a779fda224, GetTimeInMillis and
GetTimeInMicros did not share a clockid.
Restore the clockid split to fix the granularity of GetTimeInMicros.
Signed-off-by: Peter Harris <pharris@opentext.com>
This contortion made a bit more sense before we got SetNotifyFd and
friends, but now there's no need for it.
Signed-off-by: Adam Jackson <ajax@redhat.com>
Reviewed-by: Peter Hutterer <peter.hutterer@who-t.net>
CVE-2018-14665 also made it possible to exploit this to access
memory. With -logfile forbidden when running with elevated privileges
this is no longer an issue.
Signed-off-by: Matthieu Herrb <matthieu@herrb.eu>
Reviewed-by: Adam Jackson <ajax@redhat.com>
xdmcpSocket survives during the reset, there is no
need to create a new one.
This commit restores logic that was broken by
49c0f2413d in Xorg 1.19.
Signed-off-by: Alexander Volkov <a.volkov@rusbitech.ru>
These are so close to identical that most DDXes implement one in terms
of the other. All the relevant cases can be distinguished by the error
code, so merge the functions together to make things simpler.
Reviewed-by: Eric Anholt <eric@anholt.net>
Signed-off-by: Adam Jackson <ajax@redhat.com>
This variable was no longer being read anywhere. MAXCLIENTS the macro is
the compile-time maximum limit, LIMITCLIENTS the macro is the default
limit, LimitClients the variable is the limit for the current server.
Signed-off-by: Adam Jackson <ajax@redhat.com>
The client ID is only needed for XRes, and autotools build ignores the
--clientids= arg if xres is disabled. We haven't made a meson option
for disabling tracking client ids (is it actually worth a build
option?), so just make this depend on xres.
Signed-off-by: Eric Anholt <eric@anholt.net>
Reviewed-by: Peter Hutterer <peter.hutterer@who-t.net>
Currently our meson.build just makes the assumption that the libc is
going to provide RPC functions. This doesn't actually seem to be the
case on Fedora, which causes compilation to fail unexpectedly:
../../Projects/xserver/os/rpcauth.c:47:10: fatal error: rpc/rpc.h: No such file or directory
#include <rpc/rpc.h>
^~~~~~~~~~~
compilation terminated.
So, in the event that we can't use libtirpc ensure that we actually
check whether or not the libc provides rpc/rpc.h. If it doesn't, raise
an error.
Reviewed-by: Adam Jackson <ajax@redhat.com>
Signed-off-by: Lyude Paul <lyude@redhat.com>
If a driver calls AttendClient() from within a timer callback we
need to re-compute the local 'are_ready' to prevent the attended
client from waiting until WaitForSomething() times out.
This is a fix similar to commit 9ed5b263.
Signed-off-by: Damien Leone <dleone@nvidia.com>
Reviewed-by: Keith Packard <keithp@keithp.com>
As we are not freeing elements while iterating the list of timers, we
can forgo using the safe variant, and reduce the number of pointer
dances required for the insertion sort.
Reviewed-by: Adam Jackson <ajax@redhat.com>
Signed-off-by: Chris Wilson <chris@chris-wilson.co.uk>
Currently, we use xorg_list_add(new, head->prev) which is functionaly
equivalent to xorg_list_append(), but with more pointer chasing, so
reduce the strain on the reader and compiler by using the simpler
append().
Reviewed-by: Adam Jackson <ajax@redhat.com>
Signed-off-by: Chris Wilson <chris@chris-wilson.co.uk>
Currently we only check timer expiry if there are no client fd (or
other input) waiting to be serviced. This makes it very easy to starve
the timers with long request queues, and so miss critical timestamps.
The timer subsystem is just another input waiting to be serviced, so
evaluate it on every loop like all the others, at the cost of calling
GetTimeInMillis() slightly more frequently. (A more invasive and likely
OS specific alternative would be to move the timer wheel to the local
equivalent of timerfd, and treat it as an input fd to the event loop
exactly equivalent to all the others, and so also serviced on every
pass. The trade-off being that the kernel timer wheel is likely more
efficiently integrated with epoll, but individual updates to each timer
would then require syscalls.)
Reviewed-by: Peter Harris <pharris@opentext.com>
Signed-off-by: Chris Wilson <chris@chris-wilson.co.uk>
Querying a pkg-config variable using the --variable option produces the
value of the given variable as stored in the pkg-config file and should
not be used to add directories to the include search path.
The reason for this is that it breaks cross-compilation, because header
files are installed relative to the host sysroot. pkg-config supports a
PKG_CONFIG_SYSROOT_DIR environment variable that points to this sysroot
and will prepend that to the path of directories in -I or -L options in
pkg-config's Cflags, Libs or Libs.private keywords. However, because no
context can be inferred from variable names, as opposed to the keywords
with fixed meaning, the sysroot path will not be prepended to them. The
build system is responsible for doing so if necessary since it is aware
of the context in which the variable is used.
Adding the include directory returned by pkg-config to the include path
leaks build system information into the cross-build and break with very
confusing errors such as this:
In file included from include/misc.h:82:0,
from dix/atom.c:55:
/usr/include/pthread.h:682:6: warning: '__regparm__' attribute directive ignored [-Wattributes]
__cleanup_fct_attribute;
^~~~~~~~~~~~~~~~~~~~~~~
or this:
In file included from include/misc.h:139:0,
from dix/atom.c:55:
/usr/include/stdlib.h:133:8: error: '_Float128' is not supported on this target
extern _Float128 strtof128 (const char *__restrict __nptr,
^~~~~~~~~
Fix this by replacing the include directory with the appropriate xproto
dependency required to add the correct include directory to the compile
command for subdirectories that are missing the dependency. As detailed
above, this gives pkg-config the opportunity to prepend the sysroot for
all paths in -I compiler options.
Reviewed-by: Adam Jackson <ajax@redhat.com>
Signed-off-by: Thierry Reding <treding@nvidia.com>
Trivial way to reproduce the bug:
$ Xorg -logfile /tmp/mylog -config /etc/xpra/xorg.conf -displayfd 2
The server then moans:
Failed to rename log file "/tmp/mylog" to "/tmp/mylog": No such file or directory
And the log file is created but immediately renamed to "/tmp/mylog.old".
This is caused by the changes to the log file handling introduced by
this commit:
https://cgit.freedesktop.org/xorg/xserver/commit/?id=edcb6426f20c3be5dd5f50b76a686754aef2f64e
To fix this, only rename the logfile if the log filename contains the
magic substitution string "%s".
Signed-off-by: Antoine Martin <antoine@nagafix.co.uk>
Reviewed-by: Alan Coopersmith <alan.coopersmith@oracle.com>
Signed-off-by: Nicolai Hähnle <nicolai.haehnle@amd.com>
Reviewed-by: Ben Crocker <bcrocker@redhat.com>
Reviewed-by: Antoine Martin <antoine@nagafix.co.uk>
Tested-by: Ben Crocker <bcrocker@redhat.com>
Having different types of code all trying to check for elevated privileges
is a bad idea. This implementation is the most thorough one.
Signed-off-by: Nicolai Hähnle <nicolai.haehnle@amd.com>
Reviewed-by: Ben Crocker <bcrocker@redhat.com>
Reviewed-by: Antoine Martin <antoine@nagafix.co.uk>
Tested-by: Ben Crocker <bcrocker@redhat.com>
Reviewed-by: Emil Velikov <emil.velikov@collabora.com>
Otherwise this is broken on cygwin:
rrlease.c: In function ‘ProcRRCreateLease’:
rrlease.c:305:9: error: implicit declaration of function ‘WriteFdToClient’ [-Werror=implicit-function-declaration]
if (WriteFdToClient(client, fd, TRUE) < 0) {
Signed-off-by: Adam Jackson <ajax@redhat.com>
When xorg_backtrace calls unw_get_proc_name and an error occurs, offset
might not be set for the current frame.
Initialize offset for each frame so that the offset from another frame
cannot be used inadvertently.
Signed-off-by: Jeff Smith <whydoubt@gmail.com>
Reviewed-by: Adam Jackson <ajax@redhat.com>
When a monotonic clock is not available, GetTimeInMicros() returns the
time in nanoseconds. Instead, return the time in microseconds, as the
name indicates.
Signed-off-by: Jeff Smith <whydoubt@gmail.com>
Reviewed-by: Adam Jackson <ajax@redhat.com>
The inputthread is kept locked all the time while X server's VT is not active.
If the X server is terminated while not active, it will be stuck forever in
InputThreadFini waiting for the thread to join, but it wouldn't because it is
locked.
Fixes: https://bugs.freedesktop.org/show_bug.cgi?id=103782
Signed-off-by: Michal Srb <msrb@suse.com>
Reviewed-by: Adam Jackson <ajax@redhat.com>
Building with strict-aliasing rightly chirps here:
../os/xdmcp.c: In function ‘XdmcpRegisterConnection’:
../os/xdmcp.c:489:31: warning: dereferencing type-punned pointer will break strict-aliasing rules [-Wstrict-aliasing]
&((struct sockaddr_in6 *) &address)->sin6_addr.s6_addr[12];
^~~~~~~~~~~~
We have "const char *address", so &address here is a char ** (i.e., it
points to the slot on the stack containing the pointer to the character
array passed in as an argument). Casting that to a struct sockaddr_in6 *
is wrong, because it means that area of the stack will be reinterpreted
as a struct sockaddr_in6.
Instead, cast address, not &address.
Signed-off-by: Adam Jackson <ajax@redhat.com>
x11perf -noop with 200 xlogos connected is slightly faster with ports:
before after Operation
---------- ----------------- --------------------
18400000.0 19200000.0 (1.04) X protocol NoOperation
Acked-by: Keith Packard <keithp@keithp.com>
Signed-off-by: Peter Harris <pharris@opentext.com>
AIX's poll only allows FD_SETSIZE entries in the fd list, which is
insufficient for expanded MaxClients.
As a bonus, x11perf -noop with ~250 xlogos connected is slightly faster
with pollset:
before after Operation
--------- ---------------- --------------------
5750000.0 5990000.0 (1.04) X protocol NoOperation
Signed-off-by: Peter Harris <pharris@opentext.com>
Acked-by: Keith Packard <keithp@keithp.com>
SIGQUIT is a normal termination request, but any other signal we handle
here wants a core. This has the effect of making FatalError's call to
AbortServer trigger the
if (CoreDump)
OsAbort();
path. This will allow us to remove some DDX code that has the same net
effect.
Signed-off-by: Adam Jackson <ajax@redhat.com>
Reviewed-by: Olivier Fourdan <ofourdan@redhat.com>
Reviewed-by: Dave Airlie <airlied@redhat.com>
Don't reuse cmd for strtok output to ensure the proper pointer is
freed afterwards.
The code incorrectly assumed the pointer returned by strtok(cmd, ":")
would always point to cmd. However, strtok(str, sep) != str if str
begins with sep. This caused an invalid-free crash when running
a program under X with a name beginning with a colon.
Fixes: https://bugs.freedesktop.org/show_bug.cgi?id=104123
Signed-off-by: Tomasz Śniatowski <kailoran@gmail.com>
Reviewed-by: Michel Dänzer <michel.daenzer@amd.com>
Terminate a dead session when -once was passed. Don't restart it.
Signed-off-by: Daniel Martin <consume.noise@gmail.com>
Reviewed-by: Walter Harms <wharms@bfs.de>
This was always wide enough to work on an fd_mask ("mask" ffs
presumably). We don't operate on fd_masks anymore, so this can go.
Signed-off-by: Adam Jackson <ajax@redhat.com>
Reviewed-by: Alan Coopersmith <alan.coopersmith@oracle.com>
Roundhouse kick replacing the various (sizeof(foo)/sizeof(foo[0])) with
the ARRAY_SIZE macro from dix.h when possible. A semantic patch for
coccinelle has been used first. Additionally, a few macros have been
inlined as they had only one or two users.
Signed-off-by: Daniel Martin <consume.noise@gmail.com>
Reviewed-by: Adam Jackson <ajax@redhat.com>
A client can send a big request where the 32B "length" field has value
0. When the big request header is removed and the length corrected,
the value will underflow to 0xFFFFFFFF. Functions processing the
request later will think that the client sent much more data and may
touch memory beyond the receive buffer.
Signed-off-by: Eric Anholt <eric@anholt.net>
Reviewed-by: Peter Hutterer <peter.hutterer@who-t.net>
The meson build gives me:
../os/utils.c: In function ‘LockServer’:
../os/utils.c:310:40: warning: ‘snprintf’ output may be truncated before the last format character [-Wformat-truncation=]
snprintf(pid_str, sizeof(pid_str), "%10ld\n", (long) getpid());
^~~~~~~~~
../os/utils.c:310:5: note: ‘snprintf’ output between 12 and 13 bytes into a destination of size 12
snprintf(pid_str, sizeof(pid_str), "%10ld\n", (long) getpid());
^~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Which seems to be due to the %d part meaning that a negative number's -
sign would be one wider than we're expecting. Fine, just coerce it to
unsigned.
Signed-off-by: Adam Jackson <ajax@redhat.com>
Reviewed-by: Alan Coopersmith <alan.coopersmith@oracle.com>
The function itself does not depend on the macro. Move it outside
of the ifdef guard and remove the identical copy in XWIN.
This is step 1 towards removing the duplication in winauth.c and moving
the OS specifics to os/
Signed-off-by: Emil Velikov <emil.l.velikov@gmail.com>
Reviewed-by: Jon Turney <jon.turney@dronecode.org.uk>
The epoll code depends on epoll_create1, not epoll_create.
Signed-off-by: Peter Harris <pharris@opentext.com>
Signed-off-by: Eric Anholt <eric@anholt.net>
Reviewed-by: Eric Anholt <eric@anholt.net>
This ensures that we don't use the now-closed file descriptor in the
future.
Reviewed-by: Adam Jackson <ajax@redhat.com>
Signed-off-by: Keith Packard <keithp@keithp.com>
oc->trans_conn is set to NULL when the connection is closed. At this
point, oc->fd is no longer valid and shouldn't be used. Move
dereference of oc->fd up into YieldControlNoInput where the state of
oc->trans_conn can be checked in a single place.
Reviewed-by: Adam Jackson <ajax@redhat.com>
Signed-off-by: Keith Packard <keithp@keithp.com>
