This allows us to run the server as a normal user whilst still
being able to use the -modulepath, -logfile and -config switches
We define a xf86PrivsElevated which will do the checks and cache
the result in case it is called more than once.
Also renamed the paths #defines to match their new meaning.
Original discussion which led to this patch can be found here:
http://lists.freedesktop.org/archives/xorg-devel/2011-September/025853.html
Signed-off-by: Antoine Martin <antoine@nagafix.co.uk>
Tested-by: Michal Suchanek <hramrach at centrum.cz>
Reviewed-by: Jamey Sharp <jamey at minilop.net>
Reviewed-by: Adam Jackson <ajax@redhat.com>
Not including GenericEvents
Signed-off-by: Peter Hutterer <peter.hutterer@who-t.net>
Reviewed-by: Walter Harms <wharms@bfs.de>
Reviewed-by: Chase Douglas <chase.douglas@canonical.com>
No functional changes
Signed-off-by: Peter Hutterer <peter.hutterer@who-t.net>
Reviewed-by: Alan Coopersmith <alan.coopersmith@oracle.com>
Reviewed-by: Chase Douglas <chase.douglas@canonical.com>
Signed-off-by: Peter Hutterer <peter.hutterer@who-t.net>
Reviewed-by: Alan Coopersmith <alan.coopersmith@oracle.com>
Reviewed-by: Chase Douglas <chase.douglas@canonical.com>
They achieve the same thing, re-use the more generic InputLevel so we can
convert to/fro easier.
Signed-off-by: Peter Hutterer <peter.hutterer@who-t.net>
Reviewed-by: Chase Douglas <chase.douglas@canonical.com>
The changed logic means we don't require the explicit grab = NULL setting
and early exit anymore. Not 100% of it, but if we see that message pop up in
a log we know it's broken.
Signed-off-by: Chase Douglas <chase.douglas@canonical.com>
Reviewed-by: Peter Hutterer <peter.hutterer@who-t.net>
Signed-off-by: Peter Hutterer <peter.hutterer@who-t.net>
Effective functional change: XI2 events are checked with XACE now.
DeliverOneGrabbedEvent is exported for future use by touch events.
Signed-off-by: Peter Hutterer <peter.hutterer@who-t.net>
Reviewed-by: Chase Douglas <chase.douglas@canonical.com>
Currently unused, but will be in the future.
Signed-off-by: Chase Douglas <chase.douglas@canonical.com>
Reviewed-by: Peter Hutterer <peter.hutterer@who-t.net>
Signed-off-by: Peter Hutterer <peter.hutterer@who-t.net>
Fixes gcc warnings such as:
inpututils.c: In function 'valuator_mask_isset':
inpututils.c:498:5: warning: cast discards qualifiers from pointer target type
inpututils.c: In function 'CountBits':
inpututils.c:613:9: warning: cast discards qualifiers from pointer target type
Signed-off-by: Alan Coopersmith <alan.coopersmith@oracle.com>
Reviewed-by: Jamey Sharp <jamey@minilop.net>
Reviewed-by: Peter Hutterer <peter.hutterer@who-t.net>
Allows callers to avoid deconstifying arguments when calling, fixing
gcc warning:
filter.c: In function 'PictureGetFilterId':
filter.c:59:2: warning: cast discards qualifiers from pointer target type
Signed-off-by: Alan Coopersmith <alan.coopersmith@oracle.com>
Reviewed-by: Jamey Sharp <jamey@minilop.net>
Reviewed-by: Peter Hutterer <peter.hutterer@who-t.net>
Almost all of the places the string is assigned point to a literal
string constant, so use const char * for those, and const char **
for function calls that return it via an argument. Fortunately
the top level function, ClientAuthorized, which returns the string
as its return value is called from only one place, ProcEstablishConnection.
ProcEstablishConnection stores either that return value or a string literal
in char *reason. It only uses reason as an argument to SendConnSetup.
SendConnSetup passes the reason argument to strlen & WriteToClient,
both of which already have const qualifiers on their args.
Thus added const to the reason variable in ProcEstablishConnection
and the reason argument to SendConnSetup.
Fixes gcc warnings:
dispatch.c: In function 'ProcEstablishConnection':
dispatch.c:3711:9: warning: assignment discards qualifiers from pointer target type
auth.c: In function 'CheckAuthorization':
auth.c:218:14: warning: assignment discards qualifiers from pointer target type
auth.c:220:20: warning: assignment discards qualifiers from pointer target type
connection.c: In function 'ClientAuthorized':
connection.c:683:3: warning: return discards qualifiers from pointer target type
mitauth.c: In function 'MitCheckCookie':
mitauth.c:88:13: warning: assignment discards qualifiers from pointer target type
xdmauth.c:259:14: warning: assignment discards qualifiers from pointer target type
xdmauth.c:270:14: warning: assignment discards qualifiers from pointer target type
xdmauth.c:277:11: warning: assignment discards qualifiers from pointer target type
xdmauth.c:293:15: warning: assignment discards qualifiers from pointer target type
xdmauth.c:313:14: warning: assignment discards qualifiers from pointer target type
xdmauth.c:322:11: warning: assignment discards qualifiers from pointer target type
rpcauth.c: In function 'SecureRPCCheck':
rpcauth.c:136:10: warning: assignment discards qualifiers from pointer target type
Signed-off-by: Alan Coopersmith <alan.coopersmith@oracle.com>
Reviewed-by: Jamey Sharp <jamey@minilop.net>
Reviewed-by: Peter Hutterer <peter.hutterer@who-t.net>
gcc was warning from storing string constants in a char *name field:
auth.c:64:1: warning: initialization discards qualifiers from pointer target type
auth.c:72:1: warning: initialization discards qualifiers from pointer target type
auth.c:81:1: warning: initialization discards qualifiers from pointer target type
Making the field const requires changing AuthorizationFromID to take
a const char ** pointer for the name argument which it sets to point
to the matching name entry.
Changing that argument requires changing its sole caller in the security
extension to pass the address of a const char * variable to it, which it
can do, since the only thing it does with the returned name is to pass
it back to the RemoveAuthorization function that already expects a const
char *name.
Signed-off-by: Alan Coopersmith <alan.coopersmith@oracle.com>
Reviewed-by: Jamey Sharp <jamey@minilop.net>
Reviewed-by: Peter Hutterer <peter.hutterer@who-t.net>
LookupResourceName already returned a const char *, so just needed
to change the variable we're storing the list in to be a const char **
and then add const to the name argument to RegisterResourceName
(which just stores name in the array) and CreateNewResourceType
(which just passes name to RegisterResourceName).
Clears a bunch of gcc warnings of the form:
registry.c:319:5: warning: passing argument 2 of 'RegisterResourceName' discards qualifiers from pointer target type
registry.c:200:1: note: expected 'char *' but argument is of type 'const char *'
and from all the extensions:
damageext.c: In function 'DamageExtensionInit':
damageext.c:490:5: warning: passing argument 2 of 'CreateNewResourceType' discards qualifiers from pointer target type
../include/resource.h:159:26: note: expected 'char *' but argument is of type 'const char *'
Signed-off-by: Alan Coopersmith <alan.coopersmith@oracle.com>
Reviewed-by: Jamey Sharp <jamey@minilop.net>
Reviewed-by: Peter Hutterer <peter.hutterer@who-t.net>
Avoids the dummy-event dance if we have an event type and need to get the
matching XI2 type.
Signed-off-by: Peter Hutterer <peter.hutterer@who-t.net>
Reviewed-by: Chase Douglas <chase.douglas@canonical.com>
This is needed for touch event processing.
Signed-off-by: Peter Hutterer <peter.hutterer@who-t.net>
Reviewed-by: Chase Douglas <chase.douglas@canonical.com>
__BUG_WARN_MSG is a simple helper to enable call with and without varargs. I
couldn't find a way to otherwise do this without getting gcc warnings.
Signed-off-by: Peter Hutterer <peter.hutterer@who-t.net>
Reviewed-by: Chase Douglas <chase.douglas@canonical.com>
The current XI2 mask handling is handy for copying (fixed size arrays) but a
pain to deal with otherwise. Add a struct for XI2 masks and the required
accessors.
Signed-off-by: Peter Hutterer <peter.hutterer@who-t.net>
Reviewed-by: Chase Douglas <chase.douglas@canonical.com>
Not really needed at this point, but will be once touch support is added.
Since grabs are now expected to be allocated/freed with AllocGrab and
FreeGrab, CopyGrab must increase the refcount and duplicate the modifier
masks. Until the callers are switched to use FreeGrab, this introduces
memleaks.
Signed-off-by: Peter Hutterer <peter.hutterer@who-t.net>
Reviewed-by: Chase Douglas <chase.douglas@canonical.com>
Not needed since the GrabRec is a self-contained struct but will be needed
for the xi2 input mask rework.
FreeGrab already exists, make it available to other callers.
Signed-off-by: Peter Hutterer <peter.hutterer@who-t.net>
Reviewed-by: Chase Douglas <chase.douglas@canonical.com>
No effective functionality change, just cleanup to make this code slightly
more sane.
Signed-off-by: Peter Hutterer <peter.hutterer@who-t.net>
Reviewed-by: Chase Douglas <chase.douglas@canonical.com>
Makes things a little easier to read.
Signed-off-by: Peter Hutterer <peter.hutterer@who-t.net>
Reviewed-by: Chase Douglas <chase.douglas@canonical.com>
The example at the top of the file used a struct bar and a list of struct
foos. Use those two throughout instead of a different struct foo for the
examples and for the API documentation.
Signed-off-by: Peter Hutterer <peter.hutterer@who-t.net>
Reviewed-by: Chase Douglas <chase.douglas@canonical.com>
Even with the documentation, the list.c tests are the best examples.
Signed-off-by: Peter Hutterer <peter.hutterer@who-t.net>
Reviewed-by: Chase Douglas <chase.douglas@canonical.com>
The existing list_add() prepends to the list, but in some cases we need the
list ordered in the way we append the elements.
Signed-off-by: Peter Hutterer <peter.hutterer@who-t.net>
Reviewed-by: Chase Douglas <chase.douglas@canonical.com>
Ensure ffs, strndup, strlcat, etc. aren't defined by our headers
if they're already defined in the system headers.
This does export the HAVE_FFS, HAVE_STRNDUP, etc. definitions to drivers,
but if you built the Xserver with a libc that had those, and then build
the drivers with a less capable libc, you're going to have problems anyway,
and this should solve some reported problems with conflicts between our
strndup definition and gcc magic for it.
Signed-off-by: Alan Coopersmith <alan.coopersmith@oracle.com>
Reviewed-by: Adam Jackson <ajax@redhat.com>
Replace multiple methods of checking for functions with AC_CHECK_FUNCS
Replace multiple methods of selecting fallback funcs with AC_REPLACE_FUNCS
Replace HAS_* and NEED_* #defines with autogenerated HAVE_*
Signed-off-by: Alan Coopersmith <alan.coopersmith@oracle.com>
Reviewed-by: Adam Jackson <ajax@redhat.com>
Reviewed-by: Mikhail Gusarov <dottedmag@dottedmag.net>
Reviewed-by: Gaetan Nadon <memsize@videotron.ca>
The code that used getisax to check for MMX support was moved to pixman
and removed from the X server by commit eb2d7fe02f.
The code that used HAVE_MKSTEMP was deleted by the Xprint removal in
commit 1c8bd318fb.
All alloca calls were removed by the patch series end in commit 5e363500c8,
and used custom X checks instead of the autoconf HAVE_ALLOCA anyway.
I can find no record of HAVE_GETUID, HAVE_GETEUID, HAVE_LINK, HAVE_MEMMOVE,
HAVE_MEMSET, HAVE_STRCHR, HAVE_STRRCHR, HAVE_GETOPT, HAVE_GETOPT_LONG,
HAVE_DOPRNT, or HAVE_VPRINTF ever being used, and the calls to those
functions are not wrapped in #ifdefs.
(Most of those are in our baseline requirements of C89 & Unix98 anyway.)
Signed-off-by: Alan Coopersmith <alan.coopersmith@oracle.com>
Reviewed-by: Adam Jackson <ajax@redhat.com>
Reviewed-by: Mikhail Gusarov <dottedmag@dottedmag.net>
Reviewed-by: Gaetan Nadon <memsize@videotron.ca>
The record extension needs the major and minor opcodes in the reply
hook, but the request buffer may have been freed by the time the hook
is invoked. Saving the request major and minor codes as the request is
executed avoids fetching from the defunct request buffer.
This patch also eliminates the public MinorOpcodeOfRequest function,
inlining it into Dispatch. Usages of that function have been replaced
with direct access to the new ClientRec field.
Signed-off-by: Keith Packard <keithp@keithp.com>
Reviewed-by: Jamey Sharp <jamey@minilop.net>
There are plenty of cases that can only be triggered by a real bug in the
server and doing the ErrorF dance manually everywhere is a tad painful and
the error message is usually used only to find the spot in the file anyway.
Plus, reading BUG_WARN somewhere is a good indicator to the casual reader
that this isn't intended behaviour.
Note that this is intentionally different to the BUG_ON behaviour on the
kernel, we do not FatalError the server. It's just a warning + stacktrace.
If the bug is really fatal, call FatalError.
Signed-off-by: Peter Hutterer <peter.hutterer@who-t.net>
Reviewed-by: Chase Douglas <chase.douglas@canonical.com>
Reviewed-by: Alan Coopersmith <alan.coopersmith@oracle.com>
And let it return a boolean value, that's all the callers need anyway.
Signed-off-by: Peter Hutterer <peter.hutterer@who-t.net>
Reviewed-by: Chase Douglas <chase.douglas@canonical.com>
Same bug as inputproto-2.0.1-9-gb1149ab, if the XI2LASTEVENT was a multiple
of 8, the mask was one bit too short.
Signed-off-by: Peter Hutterer <peter.hutterer@who-t.net>
Reviewed-by: Daniel Stone <daniel@fooishbar.org>
Reviewed-by: Chase Douglas <chase.douglas@canonical.com>
Cleans up around 120 warnings from this set
Signed-off-by: Alan Coopersmith <alan.coopersmith@oracle.com>
Reviewed-by: Jeremy Huddleston <jeremyhu@apple.com>
Silencing more gcc -Wwrite-strings warnings
Signed-off-by: Alan Coopersmith <alan.coopersmith@oracle.com>
Reviewed-by: Jeremy Huddleston <jeremyhu@apple.com>
Now that MakeAtom takes const char *, so can XIGetKnownProperty.
Clears 71 warnings from gcc -Wwrite-strings of the form:
devices.c:145:5: warning: passing argument 1 of 'XIGetKnownProperty' discards qualifiers from pointer target type
../include/exevents.h:128:23: note: expected 'char *' but argument is of type 'const char *'
Signed-off-by: Alan Coopersmith <alan.coopersmith@oracle.com>
Reviewed-by: Peter Hutterer <peter.hutterer@who-t.net>
Signed-off-by: Alan Coopersmith <alan.coopersmith@oracle.com>
Reviewed-by: Jeremy Huddleston <jeremyhu@apple.com>
Linux test code fixed by: Keith Packard <keithp@keithp.com>
Since the check is for !(compilers that support __builtin_constant_p)
it needs to be !(gcc or new enough Sun cc), but was written as
!(gcc or too old Sun cc).
Signed-off-by: Alan Coopersmith <alan.coopersmith@oracle.com>
Reviewed-by: Jeremy Huddleston <jeremyhu@apple.com>
Any pad bytes in replies are written to the client from a zeroed
array. However, record extension tries to incorrectly access the pad
bytes from the end of reply data.
Signed-off-by: Rami Ylimäki <rami.ylimaki@vincit.fi>
Reviewed-by: Erkki Seppälä <erkki.seppala@vincit.fi>
This is mainly needed for consistency with GetPointerEvents and friend.
No-one seems to actually need this function from outside the usual DDXs.
Signed-off-by: Peter Hutterer <peter.hutterer@who-t.net>
Reviewed-by: Jeremy Huddleston <jeremyhu@apple.com>