All symbols in installed sdk headers should be explicitly tagged
as exported symbols. Otherwise, to ensure it is not a mistake, one
could write it as something like:
extern /* NOEXPORT */ type name ...;
but the proper procedure really should be to use a non sdk header
(or a "noinst_" one).
This patch also removes prototypes to some functions that existed
only temporarily.
Save in a few special cases, _X_EXPORT should not be used in C source
files. Instead, it should be used in headers, and the proper C source
include that header. Some special cases are symbols that need to be
shared between modules, but not expected to be used by external drivers,
and symbols that are accessible via LoaderSymbol/dlopen.
This patch also adds conditionally some new sdk header files, depending
on extensions enabled. These files were added to match pattern for
other extensions/modules, that is, have the headers "deciding" symbol
visibility in the sdk. These headers are:
o Xext/panoramiXsrv.h, Xext/panoramiX.h
o fbpict.h (unconditionally)
o vidmodeproc.h
o mioverlay.h (unconditionally, used only by xaa)
o xfixes.h (unconditionally, symbols required by dri2)
LoaderSymbol and similar functions now don't have different prototypes,
in loaderProcs.h and xf86Module.h, so that both headers can be included,
without the need of defining IN_LOADER.
xf86NewInputDevice() device prototype readded to xf86Xinput.h, but
not exported (and with a comment about it).
To recap: the original XC-SECURITY extension disallowed background "None" if
the window was untrusted. XACE 1.0 preserved this check as a hook function.
XACE pre-2.0 removed the hook and first abolished background "None entirely,
then restored it as a global on/off switch in response to Bug #13683.
Now it's back to being per-window, via a flag instead of a hook function.
From the X11 protocol spec:
"If background None is specified, the window has no defined background."
This means that toolkits and apps cannot rely on the "transparent" nature
of the current implementation! At some point before the next release,
XACE will switch back to a solid background as the default.
Subject: [PATCH] fix some performance gaps in Xace
The XaceHook function is used in several hotpaths.
The problem with it (performance wise) is twofold:
* The XaceHook function has a big switch() statement for the hook number in it
* The XaceHook function uses varargs to reassemble the final dispatch arguments again
Both are expensive operations... for something that is known at compile time
This patch turns the hotpath XaceHook call into a direct call to avoid
the switch and varargs; this gives me over 10% performance gain
on the x11perf benchmark.
delivery of events to windows and clients.
This is tentative. It's likely that an additional last-resort hook will
be necessary for code that calls TryClientEvents or WriteEventsToClient
directly. It's also possible that new xace machinery will be necessary
to classify events and pull useful resource ID's out of them.
The failure case also needs some thinking through. Should event delivery
"succeed" or should it report undeliverable?
Finally, XKB appears to call WriteToClient to pass events. Sigh.
arbitrary X status codes instead of just TRUE/FALSE.
The dix layer in most cases still does not propagate the return value of
XACE hooks back to the client, however. There is more error propagation
work to do.