Newer
Older
commit af9111ac7fa399a5a33fbfa145060e1850f41e0e
Author: Peter Hutterer <peter.hutterer@who-t.net>
Date: Tue Feb 7 10:30:37 2023 +1000
Signed-off-by: Peter Hutterer <peter.hutterer@who-t.net>
commit 9ca7d3f61a88ae6cf47fdf139b6215d745db976b
Author: Peter Hutterer <peter.hutterer@who-t.net>
Date: Wed Jan 25 11:41:40 2023 +1000
Xi: fix potential use-after-free in DeepCopyPointerClasses
This vulnerability was discovered by:
Jan-Niklas Sohn working with Trend Micro Zero Day Initiative
Signed-off-by: Peter Hutterer <peter.hutterer@who-t.net>
(cherry picked from commit 0ba6d8c37071131a49790243cdac55392ecf71ec)
commit 4b925d388f76764dcb02dfd1cd7276262dcd7d74
Author: Mike Gorse <mgorse@suse.com>
Date: Wed Jan 25 02:02:48 2023 +0000
dix: Use CopyPartialInternalEvent in EnqueueEvent
The event might be a DeviceEvent allocated on the stack, in
AccessXKeyboardEvent for instance. Fixes out-of-bounds read.
Signed-off-by: Mike Gorse <mgorse@suse.com>
(cherry picked from commit 2ef5ef57bd37a8bec2ac454053b283c6f87c3b40)
commit 44d6c82ac82a78d904a6d47387ac363d9699b891
Author: Jeremy Huddleston Sequoia <jeremyhu@apple.com>
darwin: Implement DetermineClientCmd for macOS
Withoug a proper implementation of DetermineClientCmd, clients that
connect via an ssh tunnel are miscategorized as local. This results
in failures when we try to use SCM_RIGHTS (eg: in MIT-SHM).
Fixes: https://github.com/XQuartz/XQuartz/issues/314
Signed-off-by: Jeremy Huddleston Sequoia <jeremyhu@apple.com>
(cherry picked from commit 0ea9b595891f2f31915538192961f3404d9ca699)
commit 1317083fbc407dc9dbb04ba5b98187b75222a16f
Author: Jeremy Huddleston Sequoia <jeremyhu@apple.com>
os: Use LOCAL_PEERPID from sys/un.h if it is available to detemine the pid when falling back on getpeereids()
This provides a way to determine the pid of a peer connection on
systems like darwin that do not support getpeerucred() nor
SO_PEERCRED.
Signed-off-by: Jeremy Huddleston Sequoia <jeremyhu@apple.com>
(cherry picked from commit 8a4ab2287398773a4868c220662d93bf84ec6241)
commit a6c49106cef36e84eb11d64e325465250b7678be
Author: Jeremy Huddleston Sequoia <jeremyhu@apple.com>
os: Update GetLocalClientCreds to prefer getpeerucred() or SO_PEERCRED over getpeereid()
GetLocalClientCreds() was preferring getpeereid() above other implementations.
getpeereid(), however, only returns the effective uid and gid of the peer,
leaving the pid unset. When this happens, we are unable to use the pid to
determine the peer's command line arguments and incorrectly treat ssh-tunneled
traffic as local.
To address this, we now prioritize getpeerucred() or SO_PEERCRED as those two
implementations will return the pid in addition to uid and gid.
Signed-off-by: Jeremy Huddleston Sequoia <jeremyhu@apple.com>
(cherry picked from commit 165d5c1260edcb998c5cf31d3969723c7452aa7f)
commit a220f53cb81248d06fb6f044c102c6ab8bffe2d5
Author: Jeremy Huddleston Sequoia <jeremyhu@apple.com>
os: Update AllocNewConnection() debug logging to include whether or not the client is local
Signed-off-by: Jeremy Huddleston Sequoia <jeremyhu@apple.com>
(cherry picked from commit 2577291f010e07173d0fc8b310ac355928f8ed7d)
commit 07f9689507eee11bdbc2828ac1319fbde91ad27c
Author: Jeremy Huddleston Sequoia <jeremyhu@apple.com>
Revert "meson: Don't build COMPOSITE for XQuartz"
This will allow us to remove build-time conditionalization on COMPOSITE
while still allowing XQuartz to disable it and use ROOTLESS.
This reverts commit 5f2d652377995c0c0c3cf07463b5018450661d13
(cherry picked from commit 66e7b7349dffda6fef51ed029fdc91b787ca4c08)
commit 8ea43dd8bf8f8f2cb82a2a1f2c004ee873e7810d
Author: Jeremy Huddleston Sequoia <jeremyhu@apple.com>
Date: Sun Nov 27 22:23:43 2022 -0800
xquartz: Disable COMPOSITE at runtime
Signed-off-by: Jeremy Huddleston Sequoia <jeremyhu@apple.com>
(cherry picked from commit 2567388a2957cef526df1b7efb2684aa74feb641)
commit aa0d8d440c39beb276cd26723d822728ce394e01
Author: Jeremy Huddleston Sequoia <jeremyhu@apple.com>
xquartz: Update the about box copyright to 2023
Signed-off-by: Jeremy Huddleston Sequoia <jeremyhu@apple.com>
(cherry picked from commit 15077090d371a2679d274c5d129a3102762d18ec)
commit 8feba178f8b73b983033c197c384c580a6397a41
Author: Jeremy Huddleston Sequoia <jeremyhu@apple.com>
Date: Sat Jan 14 23:33:59 2023 -0800
xquartz: Fix building with autoconf
Regressed-in: 5d302c378d9d21b34db2434425b766ac4f05de89
Signed-off-by: Jeremy Huddleston Sequoia <jeremyhu@apple.com>
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
commit c8ef9e38187e00dbaf956893f987e15e8f42f61c
Author: Olivier Fourdan <ofourdan@redhat.com>
Date: Tue Jul 12 14:44:48 2022 +0200
dix: Fix overzealous caching of ResourceClientBits()
Commit c7311654 cached the value of ResourceClientBits(), but that value
depends on the `MaxClients` value set either from the command line or
from the configuration file.
For the latter, a call to ResourceClientBits() is issued before the
configuration file is read, meaning that the cached value is from the
default, not from the maximum number of clients set in the configuration
file.
That obviously causes all sort of issues, including memory corruption
and crashes of the Xserver when reaching the default limit value.
To avoid that issue, also keep the LimitClient value, and recompute the
ilog2() value if that changes, as on startup when the value is set from
the the xorg.conf ServerFlags section.
v2: Drop the `cache == 0` test
Rename cache vars
Fixes: c7311654 - dix: cache ResourceClientBits() value
Closes: https://gitlab.freedesktop.org/xorg/xserver/-/issues/1310
Signed-off-by: Olivier Fourdan <ofourdan@redhat.com>
Reviewed-by: Adam Jackson <ajax@redhat.com>
(cherry picked from commit 2efa6d659508346358a1ef27b2393e18843f66a3)
commit a0216de2367429788be4ef430026ada215106ff5
Author: Jeremy Huddleston Sequoia <jeremyhu@apple.com>
rootless: Add additional debug logging to help triage XQuartz fb/rootless/damage crashes
Signed-off-by: Jeremy Huddleston Sequoia <jeremyhu@apple.com>
(cherry picked from commit 07ed1a623a4b36cdb741a322008ba53d913dc765)
commit 264272f3d76e4f1e50d984640c57de77aca9ba37
Author: Jeremy Huddleston Sequoia <jeremyhu@apple.com>
xquartz: Use xorg_backtrace() instead of rolling our own for debugging
Signed-off-by: Jeremy Huddleston Sequoia <jeremyhu@apple.com>
(cherry picked from commit d1a9a50792110683ae3f993eeeffeee79cf9cbce)
commit 20f380c6d93be3ef561251584163d1fe1ae2d966
Author: Jeremy Huddleston Sequoia <jeremyhu@apple.com>
Signed-off-by: Jeremy Huddleston Sequoia <jeremyhu@apple.com>
(cherry picked from commit 9a66690eaf67c19b90e07f39b16436d34b59e27a)
commit 59b6fc88ed9f4b22397a568c2483e4c558856ffa
Author: Olivier Fourdan <ofourdan@redhat.com>
Date: Mon Dec 19 10:46:20 2022 +0100
xserver 21.1.6
Signed-off-by: Olivier Fourdan <ofourdan@redhat.com>
commit b7760d41c177983c2f2fca2ebdb8105628291720
Author: Peter Hutterer <peter.hutterer@who-t.net>
Date: Mon Dec 19 10:06:45 2022 +1000
Xext: fix invalid event type mask in XTestSwapFakeInput
In commit b320ca0 the mask was inadvertently changed from octal 0177 to
hexadecimal 0x177.
Fixes commit b320ca0ffe4c0c872eeb3a93d9bde21f765c7c63
Xtest: disallow GenericEvents in XTestSwapFakeInput
Found by Stuart Cassoff
Signed-off-by: Peter Hutterer <peter.hutterer@who-t.net>
(cherry picked from commit bb1711b7fba42f2a0c7d1c09beee241a1b2bcc30)
commit 69ab3bcaa0f6a5adef6ec19161eb856a4744b32c
Author: Peter Hutterer <peter.hutterer@who-t.net>
Date: Wed Jul 13 11:23:09 2022 +1000
xkb: fix some possible memleaks in XkbGetKbdByName
GetComponentByName returns an allocated string, so let's free that if we
fail somewhere.
Signed-off-by: Peter Hutterer <peter.hutterer@who-t.net>
(cherry picked from commit 18f91b950e22c2a342a4fbc55e9ddf7534a707d2)
commit 5dbb2b52cfeab212b5c9b7e344692a6384efdc4c
Author: Peter Hutterer <peter.hutterer@who-t.net>
Date: Tue Jul 5 12:06:20 2022 +1000
xkb: proof GetCountedString against request length attacks
GetCountedString did a check for the whole string to be within the
request buffer but not for the initial 2 bytes that contain the length
field. A swapped client could send a malformed request to trigger a
swaps() on those bytes, writing into random memory.
Signed-off-by: Peter Hutterer <peter.hutterer@who-t.net>
(cherry picked from commit 11beef0b7f1ed290348e45618e5fa0d2bffcb72e)
commit becf9d51c33a21e7700b18bb2324f466bb966de5
Author: Jeremy Huddleston Sequoia <jeremyhu@apple.com>
Signed-off-by: Jeremy Huddleston Sequoia <jeremyhu@apple.com>
247
248
249
250
251
252
253
254
255
256
257
258
259
260
261
262
263
264
265
266
267
268
269
270
271
272
273
274
275
276
277
278
279
280
281
282
283
284
285
286
287
288
289
290
291
292
293
294
295
296
297
298
299
300
301
302
303
304
305
306
307
308
309
310
311
312
313
314
315
316
317
318
319
320
321
322
323
324
325
326
327
328
329
330
331
332
333
334
335
336
337
338
339
340
341
342
343
344
345
346
347
348
349
350
351
352
353
354
355
356
357
358
359
360
361
362
363
364
365
366
367
368
369
370
371
372
373
374
375
376
377
378
379
380
381
382
383
384
385
386
387
388
389
390
391
392
393
394
395
396
397
398
399
400
401
402
403
404
405
406
407
408
409
410
411
412
413
414
415
416
417
418
419
420
421
422
423
424
425
426
427
428
429
430
431
432
433
434
435
436
437
438
439
440
441
442
443
444
445
446
447
448
449
450
451
452
453
454
455
456
457
458
459
460
461
462
463
464
465
466
467
commit 61d18bed664769b1d94ea1320e27f71560a01af2
Author: John D Pell <John+git@gaelicWizard.net>
Date: Tue Jul 13 23:46:28 2021 -0700
XQuartz: stub: Call LSOpenApplication instead of fork()/exec()
Reviewed-by: Jeremy Huddleston Sequoia <jeremyhu@apple.com>
commit f292fbfaac0c653ee49bbb24deb3add2b5da602f
Author: Peter Hutterer <peter.hutterer@who-t.net>
Date: Wed Dec 14 11:34:41 2022 +1000
xserver 21.1.5
Signed-off-by: Peter Hutterer <peter.hutterer@who-t.net>
commit e860bbce4fdb169e84033529331ae2666e679de7
Author: Peter Hutterer <peter.hutterer@who-t.net>
Date: Mon Dec 5 15:55:54 2022 +1000
xkb: reset the radio_groups pointer to NULL after freeing it
Unlike other elements of the keymap, this pointer was freed but not
reset. On a subsequent XkbGetKbdByName request, the server may access
already freed memory.
CVE-2022-4283, ZDI-CAN-19530
This vulnerability was discovered by:
Jan-Niklas Sohn working with Trend Micro Zero Day Initiative
Signed-off-by: Peter Hutterer <peter.hutterer@who-t.net>
Acked-by: Olivier Fourdan <ofourdan@redhat.com>
(cherry picked from commit ccdd431cd8f1cabae9d744f0514b6533c438908c)
commit 8a1fa008b2f90abce6cabb27d9bc2ed76d07b678
Author: Peter Hutterer <peter.hutterer@who-t.net>
Date: Tue Nov 29 13:26:57 2022 +1000
Xi: avoid integer truncation in length check of ProcXIChangeProperty
This fixes an OOB read and the resulting information disclosure.
Length calculation for the request was clipped to a 32-bit integer. With
the correct stuff->num_items value the expected request size was
truncated, passing the REQUEST_FIXED_SIZE check.
The server then proceeded with reading at least stuff->num_items bytes
(depending on stuff->format) from the request and stuffing whatever it
finds into the property. In the process it would also allocate at least
stuff->num_items bytes, i.e. 4GB.
The same bug exists in ProcChangeProperty and ProcXChangeDeviceProperty,
so let's fix that too.
CVE-2022-46344, ZDI-CAN 19405
This vulnerability was discovered by:
Jan-Niklas Sohn working with Trend Micro Zero Day Initiative
Signed-off-by: Peter Hutterer <peter.hutterer@who-t.net>
Acked-by: Olivier Fourdan <ofourdan@redhat.com>
(cherry picked from commit 8f454b793e1f13c99872c15f0eed1d7f3b823fe8)
commit 40f431de8a76f737c68ae659fee8472583f15e49
Author: Peter Hutterer <peter.hutterer@who-t.net>
Date: Tue Nov 29 13:24:00 2022 +1000
Xi: return an error from XI property changes if verification failed
Both ProcXChangeDeviceProperty and ProcXIChangeProperty checked the
property for validity but didn't actually return the potential error.
Signed-off-by: Peter Hutterer <peter.hutterer@who-t.net>
Acked-by: Olivier Fourdan <ofourdan@redhat.com>
(cherry picked from commit b8a84cb0f2807b07ab70ca9915fcdee21301b8ca)
commit d6c7de9eadca980c8ce3b3b7752b67bfa95e6f31
Author: Peter Hutterer <peter.hutterer@who-t.net>
Date: Tue Nov 29 14:53:07 2022 +1000
Xext: free the screen saver resource when replacing it
This fixes a use-after-free bug:
When a client first calls ScreenSaverSetAttributes(), a struct
ScreenSaverAttrRec is allocated and added to the client's
resources.
When the same client calls ScreenSaverSetAttributes() again, a new
struct ScreenSaverAttrRec is allocated, replacing the old struct. The
old struct was freed but not removed from the clients resources.
Later, when the client is destroyed the resource system invokes
ScreenSaverFreeAttr and attempts to clean up the already freed struct.
Fix this by letting the resource system free the old attrs instead.
CVE-2022-46343, ZDI-CAN 19404
This vulnerability was discovered by:
Jan-Niklas Sohn working with Trend Micro Zero Day Initiative
Signed-off-by: Peter Hutterer <peter.hutterer@who-t.net>
Acked-by: Olivier Fourdan <ofourdan@redhat.com>
(cherry picked from commit 842ca3ccef100ce010d1d8f5f6d6cc1915055900)
commit 67927cc41f452228188bbe2aa34a9ee4a9ce0c6b
Author: Peter Hutterer <peter.hutterer@who-t.net>
Date: Wed Nov 30 11:20:40 2022 +1000
Xext: free the XvRTVideoNotify when turning off from the same client
This fixes a use-after-free bug:
When a client first calls XvdiSelectVideoNotify() on a drawable with a
TRUE onoff argument, a struct XvVideoNotifyRec is allocated. This struct
is added twice to the resources:
- as the drawable's XvRTVideoNotifyList. This happens only once per
drawable, subsequent calls append to this list.
- as the client's XvRTVideoNotify. This happens for every client.
The struct keeps the ClientPtr around once it has been added for a
client. The idea, presumably, is that if the client disconnects we can remove
all structs from the drawable's list that match the client (by resetting
the ClientPtr to NULL), but if the drawable is destroyed we can remove
and free the whole list.
However, if the same client then calls XvdiSelectVideoNotify() on the
same drawable with a FALSE onoff argument, only the ClientPtr on the
existing struct was set to NULL. The struct itself remained in the
client's resources.
If the drawable is now destroyed, the resource system invokes
XvdiDestroyVideoNotifyList which frees the whole list for this drawable
- including our struct. This function however does not free the resource
for the client since our ClientPtr is NULL.
Later, when the client is destroyed and the resource system invokes
XvdiDestroyVideoNotify, we unconditionally set the ClientPtr to NULL. On
a struct that has been freed previously. This is generally frowned upon.
Fix this by calling FreeResource() on the second call instead of merely
setting the ClientPtr to NULL. This removes the struct from the client
resources (but not from the list), ensuring that it won't be accessed
again when the client quits.
Note that the assignment tpn->client = NULL; is superfluous since the
XvdiDestroyVideoNotify function will do this anyway. But it's left for
clarity and to match a similar invocation in XvdiSelectPortNotify.
CVE-2022-46342, ZDI-CAN 19400
This vulnerability was discovered by:
Jan-Niklas Sohn working with Trend Micro Zero Day Initiative
Signed-off-by: Peter Hutterer <peter.hutterer@who-t.net>
Acked-by: Olivier Fourdan <ofourdan@redhat.com>
(cherry picked from commit b79f32b57cc0c1186b2899bce7cf89f7b325161b)
commit a6c0d7b142e762a6b9934a23e060ea91ff5afcea
Author: Peter Hutterer <peter.hutterer@who-t.net>
Date: Tue Nov 29 13:55:32 2022 +1000
Xi: disallow passive grabs with a detail > 255
The XKB protocol effectively prevents us from ever using keycodes above
255. For buttons it's theoretically possible but realistically too niche
to worry about. For all other passive grabs, the detail must be zero
anyway.
This fixes an OOB write:
ProcXIPassiveUngrabDevice() calls DeletePassiveGrabFromList with a
temporary grab struct which contains tempGrab->detail.exact = stuff->detail.
For matching existing grabs, DeleteDetailFromMask is called with the
stuff->detail value. This function creates a new mask with the one bit
representing stuff->detail cleared.
However, the array size for the new mask is 8 * sizeof(CARD32) bits,
thus any detail above 255 results in an OOB array write.
CVE-2022-46341, ZDI-CAN 19381
This vulnerability was discovered by:
Jan-Niklas Sohn working with Trend Micro Zero Day Initiative
Signed-off-by: Peter Hutterer <peter.hutterer@who-t.net>
Acked-by: Olivier Fourdan <ofourdan@redhat.com>
(cherry picked from commit 51eb63b0ee1509c6c6b8922b0e4aa037faa6f78b)
commit 936d34bdff4c479ccd0405fc221ff8e4c6c7014d
Author: Peter Hutterer <peter.hutterer@who-t.net>
Date: Tue Nov 29 12:55:45 2022 +1000
Xtest: disallow GenericEvents in XTestSwapFakeInput
XTestSwapFakeInput assumes all events in this request are
sizeof(xEvent) and iterates through these in 32-byte increments.
However, a GenericEvent may be of arbitrary length longer than 32 bytes,
so any GenericEvent in this list would result in subsequent events to be
misparsed.
Additional, the swapped event is written into a stack-allocated struct
xEvent (size 32 bytes). For any GenericEvent longer than 32 bytes,
swapping the event may thus smash the stack like an avocado on toast.
Catch this case early and return BadValue for any GenericEvent.
Which is what would happen in unswapped setups anyway since XTest
doesn't support GenericEvent.
CVE-2022-46340, ZDI-CAN 19265
This vulnerability was discovered by:
Jan-Niklas Sohn working with Trend Micro Zero Day Initiative
Signed-off-by: Peter Hutterer <peter.hutterer@who-t.net>
Acked-by: Olivier Fourdan <ofourdan@redhat.com>
(cherry picked from commit b320ca0ffe4c0c872eeb3a93d9bde21f765c7c63)
commit 5f2d652377995c0c0c3cf07463b5018450661d13
Author: Jeremy Huddleston Sequoia <jeremyhu@apple.com>
Signed-off-by: Jeremy Huddleston Sequoia <jeremyhu@apple.com>
(cherry picked from commit 9c0373366988cc0b909ba31e61c43cc46e054b40)
commit 3dee0aac2c0ed4538880b65ee528e4633d103592
Author: Jeremy Huddleston Sequoia <jeremyhu@apple.com>
xquartz: Move default applications list outside of the main executable
Fixes: https://github.com/XQuartz/XQuartz/issues/274
Signed-off-by: Jeremy Huddleston Sequoia <jeremyhu@apple.com>
(cherry picked from commit e654de80ed560c480efc072d876808b1d78da052)
commit 5d302c378d9d21b34db2434425b766ac4f05de89
Author: Jeremy Huddleston Sequoia <jeremyhu@apple.com>
Signed-off-by: Jeremy Huddleston Sequoia <jeremyhu@apple.com>
495
496
497
498
499
500
501
502
503
504
505
506
507
508
509
510
511
512
513
514
515
516
517
518
519
520
521
522
523
524
525
526
527
528
529
530
531
532
533
534
535
536
537
538
539
540
541
542
543
544
545
546
547
548
549
550
551
552
553
554
555
556
557
558
559
560
561
562
563
564
565
566
567
568
569
570
571
572
573
(cherry picked from commit 3dbd809c0e2d8da4191dd4a3fd4abdd14be0d838)
commit 6bf62381d0a1fb54226a10f9d0e6b03aff12f3aa
Author: Povilas Kanapickas <povilas@radix.lt>
Date: Tue Jul 12 16:09:23 2022 +0300
xserver 21.1.4
commit 06b23cccb1166fcccc2f5fe7259b3ef9e1d0f32e
Author: Peter Hutterer <peter.hutterer@who-t.net>
Date: Tue Jul 5 11:11:06 2022 +1000
xkb: add request length validation for XkbSetGeometry
No validation of the various fields on that report were done, so a
malicious client could send a short request that claims it had N
sections, or rows, or keys, and the server would process the request for
N sections, running out of bounds of the actual request data.
Fix this by adding size checks to ensure our data is valid.
ZDI-CAN 16062, CVE-2022-2319.
This vulnerability was discovered by:
Jan-Niklas Sohn working with Trend Micro Zero Day Initiative
Signed-off-by: Peter Hutterer <peter.hutterer@who-t.net>
(cherry picked from commit 6907b6ea2b4ce949cb07271f5b678d5966d9df42)
commit e3a530540f2f13739b0233ec51d7a3985a7ec4be
Author: Peter Hutterer <peter.hutterer@who-t.net>
Date: Tue Jul 5 09:50:41 2022 +1000
xkb: swap XkbSetDeviceInfo and XkbSetDeviceInfoCheck
XKB often uses a FooCheck and Foo function pair, the former is supposed
to check all values in the request and error out on BadLength,
BadValue, etc. The latter is then called once we're confident the values
are good (they may still fail on an individual device, but that's a
different topic).
In the case of XkbSetDeviceInfo, those functions were incorrectly
named, with XkbSetDeviceInfo ending up as the checker function and
XkbSetDeviceInfoCheck as the setter function. As a result, the setter
function was called before the checker function, accessing request
data and modifying device state before we ensured that the data is
valid.
In particular, the setter function relied on values being already
byte-swapped. This in turn could lead to potential OOB memory access.
Fix this by correctly naming the functions and moving the length checks
over to the checker function. These were added in 87c64fc5b0 to the
wrong function, probably due to the incorrect naming.
Fixes ZDI-CAN 16070, CVE-2022-2320.
This vulnerability was discovered by:
Jan-Niklas Sohn working with Trend Micro Zero Day Initiative
Introduced in c06e27b2f6fd9f7b9f827623a48876a225264132
Signed-off-by: Peter Hutterer <peter.hutterer@who-t.net>
(cherry picked from commit dd8caf39e9e15d8f302e54045dd08d8ebf1025dc)
commit e75840565775dc95b848b366aeed44066a9d8a28
Author: Peter Hutterer <peter.hutterer@who-t.net>
Date: Tue Jul 5 12:40:47 2022 +1000
xkb: switch to array index loops to moving pointers
Most similar loops here use a pointer that advances with each loop
iteration, let's do the same here for consistency.
No functional changes.
Signed-off-by: Peter Hutterer <peter.hutterer@who-t.net>
Reviewed-by: Olivier Fourdan <ofourdan@redhat.com>
(cherry picked from commit f1070c01d616c5f21f939d5ebc533738779451ac)
commit f3d9c6ff12b5a8a1a9f316b096d5573060747ff9
Author: Jeremy Huddleston Sequoia <jeremyhu@apple.com>
xquartz: Add missing files to distribution tarball
Fixes: https://gitlab.freedesktop.org/xorg/xserver/-/issues/1346
Signed-off-by: Jeremy Huddleston Sequoia <jeremyhu@apple.com>
commit 147c17fc786c268ec51dc0f0655e69f6493f7ef2
Author: Jeremy Huddleston Sequoia <jeremyhu@apple.com>
XQuartz: Improve type safety for X11Controller's application menu editor
Signed-off-by: Jeremy Huddleston Sequoia <jeremyhu@apple.com>
(cherry picked from commit 4cfdc5af31ae8282903d0f65cff858330b9f9d1a)
commit 9e2fc7e2484be7c577ee5baf3765734beef9adc2
Author: Jeremy Huddleston Sequoia <jeremyhu@apple.com>
xquartz: Fix a possible crash when editing the Application menu due to mutaing immutable arrays
Crashing on exception: -[__NSCFArray replaceObjectAtIndex:withObject:]: mutating method sent to immutable object
Application Specific Backtrace 0:
0 CoreFoundation 0x00007ff80d2c5e9b __exceptionPreprocess + 242
1 libobjc.A.dylib 0x00007ff80d027e48 objc_exception_throw + 48
2 CoreFoundation 0x00007ff80d38167b _CFThrowFormattedException + 194
3 CoreFoundation 0x00007ff80d382a25 -[__NSCFArray removeObjectAtIndex:].cold.1 + 0
4 CoreFoundation 0x00007ff80d2e6c0b -[__NSCFArray replaceObjectAtIndex:withObject:] + 119
5 X11.bin 0x00000001003180f9 -[X11Controller tableView:setObjectValue:forTableColumn:row:] + 169
Fixes: https://github.com/XQuartz/XQuartz/issues/267
Signed-off-by: Jeremy Huddleston Sequoia <jeremyhu@apple.com>
(cherry picked from commit dfd057996b26420309c324ec844a5ba6dd07eda3)
commit 86ace20398a6c559e89213622538134b72e448b1
Author: Jeremy Huddleston Sequoia <jeremyhu@apple.com>
xquartz: Use correct defines when building to support Sparkle updates
Signed-off-by: Jeremy Huddleston Sequoia <jeremyhu@apple.com>
(cherry picked from commit aa636b97c66343b25e508b9c73d8505e8c11b1d9)
commit 855b96a85bc0711460a2542573a9a3959d1bfefa
Author: Povilas Kanapickas <povilas@radix.lt>
Date: Sun Dec 19 16:51:39 2021 +0200
xfree86: Fix event data alignment in inputtest driver
628
629
630
631
632
633
634
635
636
637
638
639
640
641
642
643
644
645
646
647
648
649
650
651
652
653
654
655
656
657
658
659
660
661
662
663
664
665
666
667
668
669
670
671
672
673
674
675
676
677
678
679
680
681
682
683
684
685
686
687
688
689
690
691
692
693
694
695
696
697
698
699
700
701
702
703
704
705
706
707
708
709
710
711
712
713
714
715
716
717
718
719
720
721
722
723
724
725
726
727
728
729
730
731
732
733
734
735
736
737
738
739
740
741
742
This fixes address sanitizer errors when running unit tests. The
additional copying may reduce performance by a small amount, but we
don't care about that because this driver is used for testing only.
Signed-off-by: Povilas Kanapickas <povilas@radix.lt>
(cherry picked from commit 7d2014e7d523e10623203582b9f573303750f087)
commit 9d05ee10c231edacc69b342677ae8c3cc32f97e5
Author: Povilas Kanapickas <povilas@radix.lt>
Date: Sun Jan 16 10:42:15 2022 +0200
dix: Don't send touch end to clients that do async grab without touches
GTK3 menu widget creates a selection for touch and other events and
after receiving touch events creates an async grab that excludes touch
events. Unfortunately it relies on X server not sending the touch end
event in order to function properly. Sending touch end event will cause
it to think that the initiating touch ended and when it actually ends,
the ButtonRelease event will make it think that the menu should be
closed. As a result, the menu will be open only for the duration of the
touch making it useless.
This commit reverts f682e0563f736ed2c2c612ed575e05b6e3db945e.
Fixes: https://gitlab.freedesktop.org/xorg/xserver/-/issues/1255
Signed-off-by: Povilas Kanapickas <povilas@radix.lt>
(cherry picked from commit 43e934a19f644cddedae73602e86429c9dc5074a)
commit b713e717c34d539486f661c03a0f1b35b3208d21
Author: Povilas Kanapickas <povilas@radix.lt>
Date: Sun Jan 23 22:18:52 2022 +0200
dix: Correctly save replayed event into GrabInfoRec
When processing events we operate on InternalEvent pointers. They may
actually refer to a an instance of DeviceEvent, GestureEvent or any
other event that comprises the InternalEvent union. This works well in
practice because we always look into event type before doing anything,
except in the case of copying the event.
*dst_event = *src_event would copy whole InternalEvent event and would
cause out of bounds read in case the pointed to event was not
InternalEvent but e.g. DeviceEvent.
This regression has been introduced in
23a8b62d34344575f9df9d057fb74bfefa94a77b.
Fixes https://gitlab.freedesktop.org/xorg/xserver/-/issues/1261
Signed-off-by: Povilas Kanapickas <povilas@radix.lt>
(cherry picked from commit 6ef5c05728f8b18170fbc8415d7502495a08670b)
commit cd3d21d8c44a35c22b7eca61a58bb5620b116102
Author: Samuel Thibault <samuel.thibault@ens-lyon.org>
Date: Wed Jan 26 00:05:55 2022 +0100
xkb: fix XkbSetMap when changing a keysym without changing a keytype
As the comment says:
"symsPerKey/mapWidths must be filled regardless of client-side flags"
so we always have to call CheckKeyTypes which will notably fill mapWidths
and nTypes. That is needed for CheckKeySyms to work since it checks the
width. Without it, any request with XkbKeySymsMask but not
XkbKeyTypesMask will fail because of the missing width information, for
instance this:
XkbDescPtr xkb;
if (!(xkb = XkbGetMap (dpy, XkbKeyTypesMask|XkbKeySymsMask, XkbUseCoreKbd))) {
fprintf (stderr, "ERROR getting map\n");
exit(1);
}
XFlush (dpy);
XSync (dpy, False);
XkbMapChangesRec changes = { .changed = 0 };
int oneGroupType[XkbNumKbdGroups] = { XkbOneLevelIndex };
if (XkbChangeTypesOfKey(xkb, keycode, 1, XkbGroup1Mask, oneGroupType, &changes)) {
fprintf(stderr, "ERROR changing type of key\n");
exit(1);
}
XkbKeySymEntry(xkb,keycode,0,0) = keysym;
if (!XkbChangeMap(dpy,xkb,&changes)) {
fprintf(stderr, "ERROR changing map\n");
exit(1);
}
XkbFreeKeyboard (xkb, 0, TRUE);
XFlush (dpy);
XSync (dpy, False);
This had being going under the radar since about ever until commit
de940e06f8733d87bbb857aef85d830053442cfe ("xkb: fix key type index check
in _XkbSetMapChecks") fixed checking the values of kt_index, which was
previously erroneously ignoring errors and ignoring all other checks, just
because nTypes was not set, precisely because CheckKeyTypes was not called.
Note: yes, CheckKeyTypes is meant to be callable without XkbKeyTypesMask, it
does properly check for that and just fills nTypes and mapWidths in that
case.
Signed-off-by: Samuel Thibault <samuel.thibault@ens-lyon.org>
(cherry picked from commit 0217cc6e0cf5013366105a90f5f91ccc4bab5425)
commit f575524314e9f20a1ff639f6bd65386cdbd083f4
Author: Povilas Kanapickas <povilas@radix.lt>
Date: Thu Feb 3 20:04:52 2022 +0200
Revert "os: Try to discover the current seat with the XDG_SEAT var first"
This reverts commit b27eaa72837eebe80adfe6c257a71a6b9eaf66ee.
commit 419fbf639d8f53d39449c157a9554bd5482ed64f
Author: Jeremy Huddleston Sequoia <jeremyhu@apple.com>
Signed-off-by: Jeremy Huddleston Sequoia <jeremyhu@apple.com>
(cherry picked from commit 9ce7264889e36fddbdf6bac332225ad6f628ad5d)
commit 66ac50090dd191f1b16daf338ca3b46d9147fbbd
Author: Jeremy Huddleston Sequoia <jeremyhu@apple.com>
XQuartz: Build the bundle trampoline when using meson
This brings the change for e1fdc856aedfcb4788011415930a0c6861df5123 into meson based builds
Signed-off-by: Jeremy Huddleston Sequoia <jeremyhu@apple.com>
(cherry picked from commit b00cf4aef881e00533f995c141c3586749cd7ca1)
commit 033d93a021e86dd5ce9b2b3a1554a72c7031a7f2
Author: Jeremy Huddleston Sequoia <jeremyhu@apple.com>
meson: Support building Xnest and Xorg on darwin
Signed-off-by: Jeremy Huddleston Sequoia <jeremyhu@apple.com>
(cherry picked from commit ef8101560eefd6160df6d4b57ddb65ea2328c441)
commit 433f53a1a08390a038176b7c1207512cf1dd3f44
Author: Jeremy Huddleston Sequoia <jeremyhu@apple.com>
tests: Fix build failure from missing micmap.c
FAILED: test/tests
clang -o test/tests test/tests.p/.._mi_miinitext.c.o test/tests.p/fixes.c.o test/tests.p/input.c.o test/tests.p/list.c.o test/tests.p/misc.c.o test/tests.p/signal-logging.c.o test/tests.p/string.c.o test/tests.p/test_xkb.c.o test/tests.p/tests-common.c.o test/tests.p/tests.c.o test/tests.p/touch.c.o test/tests.p/xfree86.c.o test/tests.p/xtest.c.o test/tests.p/hashtabletest.c.o -Wl,-dead_strip_dylibs -Wl,-headerpad_max_install_names -Wl,-undefined,error -fvisibility=hidden -O0 -g3 -gdwarf-2 -mmacosx-version-min=10.9 -Werror=unguarded-availability-new -Werror=format -Werror=objc-method-access -Werror=incompatible-pointer-types -F/Applications/Utilities/XQuartz.app/Contents/Frameworks -isysroot /Library/Developer/CommandLineTools/SDKs/MacOSX10.13.sdk -arch x86_64 -O0 -g3 -gdwarf-2 -mmacosx-version-min=10.9 -Werror=unguarded-availability-new -Werror=format -Werror=objc-method-access -Werror=incompatible-pointer-types -F/Applications/Utilities/XQuartz.app/Contents/Frameworks -isysroot /Library/Developer/CommandLineTools/SDKs/MacOSX10.13.sdk -arch x86_64 -Wl,-rpath,/opt/X11/lib mi/liblibxserver_mi.a dix/liblibxserver_dix.a composite/liblibxserver_composite.a damageext/liblibxserver_damageext.a dbe/liblibxserver_dbe.a randr/liblibxserver_randr.a miext/damage/liblibxserver_miext_damage.a render/liblibxserver_render.a present/liblibxserver_present.a Xext/liblibxserver_xext.a miext/sync/liblibxserver_miext_sync.a xfixes/liblibxserver_xfixes.a Xi/liblibxserver_xi.a xkb/liblibxserver_xkb.a record/liblibxserver_record.a os/liblibxserver_os.a os/liblibxlibc.a glx/liblibglxvnd.a hw/xfree86/common/libxorg_common.a hw/xfree86/loader/libxorg_loader.a hw/xfree86/ddc/libxorg_ddc.a hw/xfree86/xkb/libxorg_xkb.a hw/xfree86/i2c/libxorg_i2c.a hw/xfree86/modes/libxorg_modes.a hw/xfree86/os-support/libxorg_os_support.a hw/xfree86/parser/libxorg_parser.a hw/xfree86/ramdac/libxorg_ramdac.a fb/liblibxserver_fb.a Xext/liblibxserver_xext_vidmode.a dix/liblibxserver_main.a config/liblibxserver_config.a /opt/X11/lib/libpixman-1.dylib /opt/X11/lib/libxcvt.dylib /opt/X11/lib/libxkbfile.dylib /opt/X11/lib/libXfont2.dylib /opt/X11/lib/libXdmcp.dylib -lm /opt/X11/lib/libxshmfence.dylib -ldl -lpthread /opt/X11/lib/libXau.dylib /opt/X11/lib/libGL.dylib
Undefined symbols for architecture x86_64:
"_micmapScrPrivateKeyRec", referenced from:
_DGAInstallCmap in libxorg_common.a(xf86DGA.c.o)
_xf86HandleColormaps in libxorg_common.a(xf86cmap.c.o)
_CMapInstallColormap in libxorg_common.a(xf86cmap.c.o)
_CMapEnterVT in libxorg_common.a(xf86cmap.c.o)
_CMapSwitchMode in libxorg_common.a(xf86cmap.c.o)
_CMapSetDGAMode in libxorg_common.a(xf86cmap.c.o)
_CMapChangeGamma in libxorg_common.a(xf86cmap.c.o)
...
ld: symbol(s) not found for architecture x86_64
Signed-off-by: Jeremy Huddleston Sequoia <jeremyhu@apple.com>
(cherry picked from commit 6645ff59069d603806d749e8af73893cf88d2c06)
commit 3868f364728ae0cc35621bbfdd36bfa2e3f09fda
Author: Jeremy Huddleston Sequoia <jeremyhu@apple.com>
xf86-input-inputtest: Fix build on systems without SOCK_NONBLOCK
Signed-off-by: Jeremy Huddleston Sequoia <jeremyhu@apple.com>
(cherry picked from commit 707f23dab8787b4154011186206dc9964e2ebc11)
commit afcaaac96767d773422512e755e5ad3691a0627c
Author: Jeremy Huddleston Sequoia <jeremyhu@apple.com>
../hw/xfree86/ddc/print_edid.c:511:20: error: format specifies type 'unsigned short' but the argument has type 'int' [-Werror,-Wformat]
det_mon->type - DS_VENDOR);
^~~~~~~~~~~~~~~~~~~~~~~~~
Signed-off-by: Jeremy Huddleston Sequoia <jeremyhu@apple.com>
(cherry picked from commit 199b8c0853c92ce19a589186f326621477401b74)
commit 6bb98fc62ddf8b0dd90f7b0b45978a0d0425ed5a
Author: Jeremy Huddleston Sequoia <jeremyhu@apple.com>
xquartz: Update autotools-based builds of XQuartz to account for recent changes
Signed-off-by: Jeremy Huddleston Sequoia <jeremyhu@apple.com>
commit 4ea6f661edbbd84b3f2b308675bd2aa848b53746
Author: Jeremy Huddleston Sequoia <jeremyhu@apple.com>
Revert "meson: Bump requirement to meson-0.50.0"
This bump is causing issues with our CI. Sorry about that.
This reverts commit a6a20a7c40f86b5586286aaa614e6b64a5987d82
(cherry picked from commit 8cd0397e5b4c1f0e0add1fea67f82b811214bf3e)
commit a6a20a7c40f86b5586286aaa614e6b64a5987d82
Author: Jeremy Huddleston Sequoia <jeremyhu@apple.com>
Date: Sun Jun 19 23:06:40 2022 -0700
meson: Provide options to set CFBundleVersion and CFBundleVersionString in XQuartz
Signed-off-by: Jeremy Huddleston Sequoia <jeremyhu@apple.com>
(cherry picked from commit 4f5999826aa478ba5f138e74cfccdf3b854c8e54)
commit 37285e6252ce3afca5bc205121f83271548dfca9
Author: Jeremy Huddleston Sequoia <jeremyhu@apple.com>
Signed-off-by: Jeremy Huddleston Sequoia <jeremyhu@apple.com>
(cherry picked from commit b12f5dc62d964d0279e1fa9403259cfd8e491285)
commit 96e7b55c5d6898a6715b62d5e01581617d218997
Author: Jeremy Huddleston Sequoia <jeremyhu@apple.com>
xquartz: Update Sparkle configuration to use SUPublicEDKey
Signed-off-by: Jeremy Huddleston Sequoia <jeremyhu@apple.com>
(cherry picked from commit 1d90bef30c4dfe13dd5e70fea606a02380cbcee6)
commit 6465263be8ae98283f8e99a3e95d04e786386040
Author: Jeremy Huddleston Sequoia <jeremyhu@apple.com>
meson: Bump requirement to meson-0.50.0
WARNING: Project specifies a minimum meson_version '>= 0.47.0' but uses features which were added in newer versions:
* 0.50.0: {'install arg in configure_file'}
Signed-off-by: Jeremy Huddleston Sequoia <jeremyhu@apple.com>
(cherry picked from commit 0a27f96d1d0e474b308be982fa7069d3ae0d9892)
commit e48acd9c40c09b7c66a7bfc6650afc216ba78cca
Author: Jeremy Huddleston Sequoia <jeremyhu@apple.com>
XQuartz: Ensure scroll events are delivered to a single window (not both X11 and AppKit)
Fixes: https://github.com/XQuartz/XQuartz/issues/130
Signed-off-by: Jeremy Huddleston Sequoia <jeremyhu@apple.com>
(cherry picked from commit 4532b696c644cb7f21e96cf76d3e6b21ccc0e309)
commit 140d9a0f75194d4079d5cd1e4ad4683c6f47683e
Author: Jeremy Huddleston Sequoia <jeremyhu@apple.com>
xquartz: Fold spaces related preferences into NSUserDefaults+XQuartzDefaults
Signed-off-by: Jeremy Huddleston Sequoia <jeremyhu@apple.com>
(cherry picked from commit f40610e0b4f2b4ae54ef6bbff756cb4a60e17e3b)
commit 03ec5b132f0b3e07f9340faaacaa2455717fd8d1
Author: Jeremy Huddleston Sequoia <jeremyhu@apple.com>
xquartz pbproxy: Adopt NSUserDefaults+XQuartzDefaults for preferences
Signed-off-by: Jeremy Huddleston Sequoia <jeremyhu@apple.com>
(cherry picked from commit 6134c73aebc3f928639e8f802be49ec8ecc17e66)
commit 6df6178bb917f596ec2f61a3aabf99eea620b6ec
Author: Jeremy Huddleston Sequoia <jeremyhu@apple.com>
xquartz: Create a separate category for organizing user preferences
Signed-off-by: Jeremy Huddleston Sequoia <jeremyhu@apple.com>
(cherry picked from commit 963ba6d9adf578ec8d7ed12ae22dece76b895172)
commit c6c1cba397ffa203123a8a6690dee728089e7325
Author: Jeremy Huddleston Sequoia <jeremyhu@apple.com>
os/connection: Improve abstraction for launchd secure sockets
This changes away from hard-coding the /tmp/launch-* path to now
supporting a generic <absolute path to unix socket>[.<screen>]
format for $DISPLAY.
cf-libxcb: d978a4f69b30b630f28d07f1003cf290284d24d8
Signed-off-by: Jeremy Huddleston Sequoia <jeremyhu@apple.com>
CC: Adam Jackson <ajax@kemper.freedesktop.org>
(cherry picked from commit 83d0d911069d502232d719882cd1c5cd090defa1)
commit 663af2f17eec2cc064f3d1e25e00fb840c441964
Author: Jeremy Huddleston Sequoia <jeremyhu@apple.com>
X11Application: Ensure TIS operations are done on the main thread
Fixes: https://github.com/XQuartz/XQuartz/issues/205
Signed-off-by: Jeremy Huddleston Sequoia <jeremyhu@apple.com>
(cherry picked from commit b1afcecc61d841f95e786e4f4f84184f91d149f1)
commit bd3564cf377deace41b359740331d84e3086e916
Author: Jeremy Huddleston Sequoia <jeremyhu@apple.com>
rootless: Dead code removal (ROOTLESS_REDISPLAY_DELAY is already defined)
Signed-off-by: Jeremy Huddleston Sequoia <jeremyhu@apple.com>
(cherry picked from commit c11b55f3c0c64645bca964aece825de0bdd92b1f)
949
950
951
952
953
954
955
956
957
958
959
960
961
962
963
964
965
966
967
968
969
970
971
972
973
974
975
976
977
978
979
980
981
982
983
984
985
986
987
988
989
commit 53173fdab492f0f638f6616fcf01af0b9ea6338d
Author: Olivier Fourdan <ofourdan@redhat.com>
Date: Thu Jan 20 10:20:38 2022 +0100
render: Fix build with gcc 12
The xserver fails to compile with the latest gcc 12:
render/picture.c: In function ‘CreateSolidPicture’:
render/picture.c:874:26: error: array subscript ‘union _SourcePict[0]’ is partly outside array bounds of ‘unsigned char[16]’ [-Werror=array-bounds]
874 | pPicture->pSourcePict->type = SourcePictTypeSolidFill;
| ^~
render/picture.c:868:45: note: object of size 16 allocated by ‘malloc’
868 | pPicture->pSourcePict = (SourcePictPtr) malloc(sizeof(PictSolidFill));
| ^~~~~~~~~~~~~~~~~~~~~~~~~~~~~
render/picture.c: In function ‘CreateLinearGradientPicture’:
render/picture.c:906:26: error: array subscript ‘union _SourcePict[0]’ is partly outside array bounds of ‘unsigned char[32]’ [-Werror=array-bounds]
906 | pPicture->pSourcePict->linear.type = SourcePictTypeLinear;
| ^~
render/picture.c:899:45: note: object of size 32 allocated by ‘malloc’
899 | pPicture->pSourcePict = (SourcePictPtr) malloc(sizeof(PictLinearGradient));
| ^~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
render/picture.c: In function ‘CreateConicalGradientPicture’:
render/picture.c:989:26: error: array subscript ‘union _SourcePict[0]’ is partly outside array bounds of ‘unsigned char[32]’ [-Werror=array-bounds]
989 | pPicture->pSourcePict->conical.type = SourcePictTypeConical;
| ^~
render/picture.c:982:45: note: object of size 32 allocated by ‘malloc’
982 | pPicture->pSourcePict = (SourcePictPtr) malloc(sizeof(PictConicalGradient));
| ^~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
cc1: some warnings being treated as errors
ninja: build stopped: subcommand failed.
This is because gcc 12 has become stricter and raises a warning now.
Fix the warning/error by allocating enough memory to store the union
struct.
Signed-off-by: Olivier Fourdan <ofourdan@redhat.com>
Acked-by: Michel Dänzer <mdaenzer@redhat.com>
Closes: https://gitlab.freedesktop.org/xorg/xserver/-/issues/1256
(cherry picked from commit c6b0dcb82d4db07a2f32c09a8c09c85a5f57248e)
commit 69774044716039fa70655b3bc6dd6a4ff4535cfd
Author: Błażej Szczygieł <spaz16@wp.pl>
Date: Thu Jan 13 00:47:27 2022 +0100
present: Check for NULL to prevent crash
Closes: https://gitlab.freedesktop.org/xorg/xserver/-/issues/1275
Signed-off-by: Błażej Szczygieł <spaz16@wp.pl>
Tested-by: Aaron Plattner <aplattner@nvidia.com>
(cherry picked from commit 22d5818851967408bb7c903cb345b7ca8766094c)
commit 85397cc2efe8fa73461cd21afe700829b2eca768
Author: Povilas Kanapickas <povilas@radix.lt>
Date: Mon Jan 3 00:23:30 2022 +0200
Signed-off-by: Povilas Kanapickas <povilas@radix.lt>
commit 001feb6692b77254db6a4906a82fa1bdadfd7b85
Author: Adam Jackson <ajax@redhat.com>
Date: Tue Oct 26 11:46:37 2021 -0400
glx/dri: Filter out fbconfigs that don't have a supported pixmap format
For depth 30 in particular it's not uncommon for the DDX to not have
a configured pixmap format. Since the client expects to back both
GLXPixmaps and GLXPbuffers with X Pixmaps, trying to use an x2rgb10
fbconfig would fail along various paths to CreatePixmap. Filter these
fbconfigs out so the client can't ask for something that we know won't
work.
(cherry picked from commit f6c070a1ac05801c52ae60efb7dc4b3142653b7d)
commit 66890ca569291a53ea9cdc6ec19070173e522260
Author: Jocelyn Falempe <jfalempe@redhat.com>
Date: Fri Dec 17 10:18:25 2021 +0100
xf86/logind: fix missing call to vtenter if the platform device is not paused
If there is one platform device, which is not paused nor resumed,
systemd_logind_vtenter() will never get called.
This break suspend/resume, and switching to VT on system with Nvidia
proprietary driver.
This is a regression introduced by f5bd039633fa83
So now call systemd_logind_vtenter() if there are no paused
platform devices.
Closes: https://gitlab.freedesktop.org/xorg/xserver/-/issues/1271
Fixes: f5bd0396 - xf86/logind: fix call systemd_logind_vtenter after receiving drm device resume
Signed-off-by: Jocelyn Falempe <jfalempe@redhat.com>
Tested-by: Olivier Fourdan <ofourdan@redhat.com>
Reviewed-by: Hans de Goede <hdegoede@redhat.com>
commit fec0e2501b424ec6cfbf4c7983727acfafea0ccb
Author: Jocelyn Falempe <jfalempe@redhat.com>
Date: Thu Dec 16 15:46:43 2021 +0100
xf86/logind: Fix compilation error when built without logind/platform bus
Closes: https://gitlab.freedesktop.org/xorg/xserver/-/issues/1269
Fixes: da9d012a9 - xf86/logind: Fix drm_drop_master before vt_reldisp
Signed-off-by: Jocelyn Falempe <jfalempe@redhat.com>
Reviewed-by: Hans de Goede <hdegoede@redhat.com>
commit 8223a9d6d9ed2b9a4c1e6373f6ab854fdbda9ead
Author: Matthieu Herrb <matthieu@herrb.eu>
Date: Tue Nov 16 23:38:46 2021 +0100
This fixes a crash when a DeviceEvent struct converted to
InteralEvent was beeing copied as InternalEvent (and thus
causing out of bounds reads) in ActivateGrabNoDelivery()
in events.c: 3876 *grabinfo->sync.event = *real_event;
Possible fix for https://gitlab.freedesktop.org/xorg/xserver/-/issues/1253
Signed-off-by: Matthieu Herrb <matthieu@herrb.eu>
(cherry picked from commit 5b8817a019845e1066c373022133985a0e2d718f)
commit b27eaa72837eebe80adfe6c257a71a6b9eaf66ee
Author: nerdopolis <bluescreen_avenger@verizon.net>
Date: Fri Oct 8 18:15:29 2021 -0400
os: Try to discover the current seat with the XDG_SEAT var first
(cherry picked from commit ca1dfdc9aa4b548de624d3a9af5147a998ba3d79)
commit 9852b29380673484aea25771a3e812c8e8a40393
Author: Povilas Kanapickas <povilas@radix.lt>
Date: Wed Dec 15 15:46:09 2021 +0200
Signed-off-by: Povilas Kanapickas <povilas@radix.lt>
commit 9fe2991075aca3321d59d03f3e45faca6cb718b8
Author: Sam James <sam@gentoo.org>
Date: Wed Dec 15 10:41:22 2021 +0200
hw/xfree86: fix sbus build for SPARC
Initially reported downstream in Gentoo. Manifests with errors like:
```
gnu/bin/ld: hw/xfree86/common/libxorg_common.a(xf86fbBus.c.o): in function `xf86ClaimFbSlot':
xf86fbBus.c:(.text+0x20): undefined reference to `sbusSlotClaimed'
/usr/lib/gcc/sparc-unknown-linux-gnu/11.2.0/../../../../sparc-unknown-linux-gnu/bin/ld: xf86fbBus.c:(.text+0x2c): undefined reference to `sbusSlotClaimed'
```
While we use the headers in meson.build, we don't reference xf86sbusBus.c
which defines the missing symbols like sbusSlotClaimed.
Bug: https://bugs.gentoo.org/828513
Signed-off-by: Sam James <sam@gentoo.org>
(cherry picked from commit 6c1a1fcc4bff90546ebc954f428c6df97005ea50)
commit 0b67785cd13e65d37416f75ab938bdc49cf4732f
Author: Povilas Kanapickas <povilas@radix.lt>
Date: Wed Dec 15 10:41:21 2021 +0200
render: Fix out of bounds access in SProcRenderCompositeGlyphs()
This vulnerability was discovered and the fix was suggested by:
Jan-Niklas Sohn working with Trend Micro Zero Day Initiative
Signed-off-by: Povilas Kanapickas <povilas@radix.lt>
(cherry picked from commit ebce7e2d80e7c80e1dda60f2f0bc886f1106ba60)
commit 7209982d2a89f2e27d2f83f8952e9512be813aa4
Author: Povilas Kanapickas <povilas@radix.lt>
Date: Wed Dec 15 10:41:20 2021 +0200
Xext: Fix out of bounds access in SProcScreenSaverSuspend()
This vulnerability was discovered and the fix was suggested by:
Jan-Niklas Sohn working with Trend Micro Zero Day Initiative
Signed-off-by: Povilas Kanapickas <povilas@radix.lt>
(cherry picked from commit 6c4c53010772e3cb4cb8acd54950c8eec9c00d21)
commit 6f09e7d3913a8188e32062f5e196bebb06bab140
Author: Povilas Kanapickas <povilas@radix.lt>
Date: Wed Dec 15 10:41:19 2021 +0200
xfixes: Fix out of bounds access in *ProcXFixesCreatePointerBarrier()
This vulnerability was discovered and the fix was suggested by:
Jan-Niklas Sohn working with Trend Micro Zero Day Initiative
Signed-off-by: Povilas Kanapickas <povilas@radix.lt>
(cherry picked from commit b5196750099ae6ae582e1f46bd0a6dad29550e02)
commit a82d523edb30e5856adca9f258ac716108c71f19
Author: Povilas Kanapickas <povilas@radix.lt>
Date: Wed Dec 15 10:41:18 2021 +0200
record: Fix out of bounds access in SwapCreateRegister()
This vulnerability was discovered and the fix was suggested by:
Jan-Niklas Sohn working with Trend Micro Zero Day Initiative
Signed-off-by: Povilas Kanapickas <povilas@radix.lt>
(cherry picked from commit e56f61c79fc3cee26d83cda0f84ae56d5979f768)
commit a39218d99c6961dda0142d9956eb7404a37d9bd2
Author: Matthieu Herrb <matthieu@herrb.eu>
Date: Wed Dec 15 10:41:17 2021 +0200
With the new numbering scheme, XORG_VERISON_SNAP doesn't mean
a pre-release version anymore.
Signed-off-by: Matthieu Herrb <matthieu@herrb.eu>
(cherry picked from commit 4de9666b6d3c86660d728ddfc13d88700e5ff20d)
commit fc2eb7e8cc19a41e034f2f4286af58f8b4825d65
Author: Matt Turner <mattst88@gmail.com>
Date: Tue Dec 7 21:39:58 2021 -0800
test: #undef NDEBUG so assert is not compiled away
(cherry picked from commit d189102c783653a10931051175de24277a157331)
commit 7caf29ca6607ddf4c19a81d19c0f4acc6deb8936
Author: Povilas Kanapickas <povilas@radix.lt>
Date: Sat Nov 13 16:42:36 2021 +0200
meson: Correctly set DDXOSVERRORF and DDXBEFORERESET on xwin
This worked with autotools, but not meson build system.
Signed-off-by: Povilas Kanapickas <povilas@radix.lt>
(cherry picked from commit 04c93b98e9e4593aa2e6701bb08f5e27c3544d8a)
commit 101791f80fdefea738421a414177899db7c76e83
Author: Jonathan Gray <jsg@jsg.id.au>
Date: Fri Dec 3 19:17:18 2021 +1100
Attempting to run fvwm on a x61/965gm with xserver 1.21.1 with the
modesetting driver on OpenBSD/amd64 would cause the xserver to
reliably crash.
I tracked this down to the free() calls introduced in
2906ee5e4a722138cccb3265a615da7705a52589
(d1ca47e1242b51c79cec7287f52c36c8e494706b in branch).
clang also warns about this:
glamor_program.c:296:13: warning: variable 'vs_prog_string' is used uninitialized whenever 'if' condition is true [-Wsometimes-uninitialized]
glamor_program.c:290:9: warning: variable 'vs_prog_string' is used uninitialized whenever 'if' condition is true [-Wsometimes-uninitialized]
glamor_program.c:288:9: warning: variable 'vs_prog_string' is used uninitialized whenever 'if' condition is true [-Wsometimes-uninitialized]
glamor_program.c:277:13: warning: variable 'vs_prog_string' is used uninitialized whenever 'if' condition is true [-Wsometimes-uninitialized]
glamor_program.c:296:13: warning: variable 'fs_prog_string' is used uninitialized whenever 'if' condition is true [-Wsometimes-uninitialized]
glamor_program.c:290:9: warning: variable 'fs_prog_string' is used uninitialized whenever 'if' condition is true [-Wsometimes-uninitialized]
glamor_program.c:288:9: warning: variable 'fs_prog_string' is used uninitialized whenever 'if' condition is true [-Wsometimes-uninitialized]
glamor_program.c:277:13: warning: variable 'fs_prog_string' is used uninitialized whenever 'if' condition is true [-Wsometimes-uninitialized]
Signed-off-by: Jonathan Gray <jsg@jsg.id.au>
Reviewed-by: Olivier Fourdan <ofourdan@redhat.com>
Fixes: 2906ee5e4 ("glamor: Fix leak in glamor_build_program()")
(cherry picked from commit 5ac6319776b13f96a2b336da4b35237618a5b001)
commit 2c6989f81e62bac05a583c39fa09a06172d1ece5
Author: Peter Hutterer <peter.hutterer@who-t.net>
Date: Thu Dec 2 10:41:03 2021 +1000
xkb: fix XkbSetMap check for the keytypes count
The previous if/else condition resulted in us always setting the key
type count to the current number of key types. Split this up correctly.
Regression introduced in de940e06f8733d87bbb857aef85d830053442cfe
Fixes #1249
Signed-off-by: Peter Hutterer <peter.hutterer@who-t.net>
(cherry picked from commit be16bd8543f80ad2933ec9c37f082617c7084165)
commit 49444ce9f7ad34fff6ff94a9db95337f4bfd7b03
Author: Povilas Kanapickas <povilas@radix.lt>
Date: Sat Nov 13 17:23:54 2021 +0200
Revert "hw/xfree86: Propagate physical dimensions from DRM connector"
Quite a lot of applications currently expect the screen DPI exposed by
the X server to be 96 even when the real display DPI is different.
Additionally, currently Xwayland completely ignores any hardware
information and sets the DPI to 96. Accordingly the new behavior, even
if it fixes a bug, should not be enabled automatically to all users.
A better solution would be to make the default DPI stay as is and enable
the correct behavior with a command line option (maybe -dpi auto, or
similar). For now let's just revert the bug fix.
This reverts commit 05b3c681ea2f478c0cb941c2f8279919cf78de6d.
Signed-off-by: Povilas Kanapickas <povilas@radix.lt>
(cherry picked from commit 35af1299e73483eaf93d913a960e1d1738bc7de6)
commit 6f11b3c803898e0effe6ade2ae951f5758936152
Author: Dave Airlie <airlied@redhat.com>
Date: Thu Nov 11 06:35:19 2021 +1000
dri2: add crocus to the list of va_gl users
(cherry picked from commit a7b0a7fabd137183cc42a5edb15697e354c4450c)
commit 8eb1396d3ecfd2bf968105a99759ae9445bdf768
Author: Jocelyn Falempe <jfalempe@redhat.com>
Date: Thu Nov 18 14:51:21 2021 +0100
xf86/logind: Fix drm_drop_master before vt_reldisp
When switching to VT, the ioctl DRM_DROP_MASTER must be done before
the ioctl VT_RELDISP. Otherwise the kernel can't change the modesetting
reliably, and this leads to the console not showing up in some cases, like
after unplugging a docking station with a DP or HDMI monitor.
Before doing the VT_RELDISP, send a dbus message to logind, to
pause the drm device, so logind will do the ioctl DRM_DROP_MASTER.
With this patch, it changes the order logind will send the resume
event, and drm will be sent last instead of first.
so there is a also fix to call systemd_logind_vtenter() at the right time.
Signed-off-by: Jocelyn Falempe <jfalempe@redhat.com>
Reviewed-by: Hans de Goede <hdegoede@redhat.com>
(cherry picked from commit da9d012a9c760896941769d4127e3cfb1a7a9f03)
commit 6834f977a5eadbc3289f27b2bb83997132a39fdd
Author: Jocelyn Falempe <jfalempe@redhat.com>
Date: Thu Nov 18 14:45:42 2021 +0100
xf86/logind: fix call systemd_logind_vtenter after receiving drm device resume
logind send the resume event for input devices and drm device,
in any order. if we call vt_enter before logind resume the drm device,
it leads to a driver error, because logind has not done the
DRM_IOCTL_SET_MASTER on it.
Keep the old workaround to make sure we call systemd_logind_vtenter at
least once if there are no platform device
Signed-off-by: Jocelyn Falempe <jfalempe@redhat.com>
Reviewed-by: Hans de Goede <hdegoede@redhat.com>
(cherry picked from commit f5bd039633fa8360a10bd2aabb0111571f6275b0)
commit 0ed7b1224ef17ff3d27e791e03e0d98dd6373c8a
Author: nerdopolis <bluescreen_avenger@verizon.net>
Date: Fri Oct 8 21:51:43 2021 -0400
xfree86: On Linux, while only seat0 can have TTYs, don't assmume all seat0s have TTYs
(cherry picked from commit b8c12aac651d626c5120e6e8e18b42e7528caf43)
commit 6b997fb74e5c9473ee3989fca8d592a3a0d16067
Author: Povilas Kanapickas <povilas@radix.lt>
Date: Sun Nov 7 01:33:56 2021 +0200
xserver 21.1.1
Signed-off-by: Povilas Kanapickas <povilas@radix.lt>
commit 70a0c48ff3bb7e3392035ef333cc5c8453508f33
Author: Povilas Kanapickas <povilas@radix.lt>
Date: Sat Nov 6 20:09:48 2021 +0200
Makefile.am: Add missing meson build files to release tarball
commit db0da823f55734baf4c1e4de680e7091f33aac17
Author: Matthieu Herrb <matthieu.herrb@laas.fr>
Date: Sun Oct 31 11:28:28 2021 +0100
Make xf86CompatOutput() return NULL when there are no privates
Some drivers (mach64 w/o DRI for instance) don't initialize privates.
Signed-off-by: Matthieu Herrb <matthieu.herrb@laas.fr>
(cherry picked from commit 80eeff3ebac772e25c9107199989e677457dbe06)
commit fdb266ff814f6abb6ce006ecbac5ba78a92cdbca
Author: Jon Turney <jon.turney@dronecode.org.uk>
Date: Tue Nov 2 14:04:08 2021 +0000
s/__/@/ in inputtestdrv manpage
Update manpage subsitution style for 2e497bf8
(cherry picked from commit 0099412ea4347b02e61ea21946f309f2535cc07b)
commit 27a0ee32ccef8d621aaa758c804fc9a5ceeb5a56
Author: Povilas Kanapickas <povilas@radix.lt>
Date: Wed Oct 27 13:36:45 2021 +0300
Signed-off-by: Povilas Kanapickas <povilas@radix.lt>
1365
1366
1367
1368
1369
1370
1371
1372
1373
1374
1375
1376
1377
1378
1379
1380
1381
1382
1383
1384
1385
1386
1387
1388
1389
1390
1391
1392
1393
1394
1395
1396
1397
1398
1399
1400
1401
1402
1403
1404
1405
1406
1407
1408
1409
1410
1411
1412
1413
1414
1415
1416
1417
1418
commit d4944ceda1727180bbee1c582b4ac0796c2748cc
Author: Mario Kleiner <mario.kleiner.de@gmail.com>
Date: Mon Oct 18 08:14:04 2021 +0200
Fix RandR leasing for more than 1 simultaneously active lease.
Due to a switched order of parameters in the xorg_list_add()
call inside ProcRRCreateLease(), adding a new lease for RandR
output leasing does not actually add the new RRLeasePtr lease
record to the list of existing leases for a X-Screen, but instead
replaces the existing list with a new list that has the new lease
as the only element, and probably leaks a bit of memory.
Therefore the server "forgets" all active leases for a screen,
except for the last added lease. If multiple leases are created
in a session, then destruction of all leases but the last one
will fail in many cases, e.g., during server shutdown in
RRCloseScreen(), or resource destruction, e.g., in
RRCrtcDestroyResource().
Most importantly, it fails if a client simply close(fd)'es the
DRM master descriptor to release a lease, quits, gets killed or
crashes. In this case the kernel will destroy the lease and shut
down the display output, then send a lease event via udev to the
ddx, which e.g., in the modesetting-ddx will trigger a call to
drmmode_validate_leases().
That function is supposed to detect the released lease and tell
the server to terminate the lease on the server side as well,
via xf86CrtcLeaseTerminated(), but this doesn't happen for all
the leases the server has forgotten. The end result is a dead
video output, as the server won't reinitialize the crtc's
corresponding to the terminated but forgotten lease.
This bug was observed when using the amdvlk AMD OSS Vulkan
driver and trying to lease multiple VKDisplay's, and also
under Mesa radv, as both Mesa Vulkan/WSI/Display and amdvlk
terminate leases by simply close()ing the lease fd, not by
sending explicit RandR protocol requests to free leases.
Leasing worked, but ending a session with multiple active
leases ended in a lot of unpleasant darkness.
Fixing the wrong argument order to xorg_list_add() fixes the
problem. Tested on single-X-Screen and dual-X-Screen setups,
with one, two or three active leases.
Please merge this for the upcoming server 21.1 branch.
Merging into server 1.20 would also make a lot of sense.
Fixes: e4e3447603b5fd3a38a92c3f972396d1f81168ad
Signed-off-by: Mario Kleiner <mario.kleiner.de@gmail.com>
Cc: Keith Packard <keithp@keithp.com>
(cherry picked from commit f467f85ca1f780d5c7cf3c20888e399708d761ac)
commit e59faa4b8cc5aaa19474a5e7ca3a99d08006f8c5
Author: Povilas Kanapickas <povilas@radix.lt>
Date: Thu Oct 14 17:33:40 2021 +0300
xserver 21.1 RC 2
commit 3fb94f3c5ca73f15a78dbc6904380b9b9e402bf4
Author: Alex Richardson <Alexander.Richardson@cl.cam.ac.uk>
Date: Fri Jul 23 09:23:45 2021 +0100
dix/privates.c: Avoid undefined behaviour after realloc()
Adding the offset between the realloc result and the old allocation to
update pointers into the new allocation is undefined behaviour: the
old pointers are no longer valid after realloc() according to the C
standard. While this works on almost all architectures and compilers,
it causes problems on architectures that track pointer bounds (e.g.
CHERI or Arm's Morello): the DevPrivateKey pointers will still have the
bounds of the previous allocation and therefore any dereference will
result in a run-time trap.
I found this due to a crash (dereferencing an invalid capability) while
trying to run `XVnc` on a CHERI-RISC-V system. With this commit I can
successfully connect to the XVnc instance running inside a QEMU with a
VNC viewer on my host.
This also changes the check whether the allocation was moved to use
uintptr_t instead of a pointer since according to the C standard:
"The value of a pointer becomes indeterminate when the object it
points to (or just past) reaches the end of its lifetime." Casting to an
integer type avoids this undefined behaviour.
Signed-off-by: Alex Richardson <Alexander.Richardson@cl.cam.ac.uk>
(cherry picked from commit f9f705bf3cf0d169d54a70f235cc99e106dbda43)
commit b89fdd523e2c9e9b0cdf37b263833c4b0a8868b8
Author: nerdopolis <rbos@rbos>
Date: Thu Sep 30 08:51:18 2021 -0400
xf86: Accept devices with the 'simpledrm' driver.
SimpleDRM 'devices' are a fallback device, and do not have a busid
so they are getting skipped. This will allow simpledrm to work
with the modesetting driver
(cherry picked from commit b9218fadf3c09d83566549279d68886d8258f79c)
commit fbc690ccaf12d6536951d0ba403dfbb92c7c4115
Author: Mario Kleiner <mario.kleiner.de@gmail.com>
Date: Fri Oct 1 09:47:41 2021 +0200
modesetting: Consider RandR primary output for selectioh of sync crtc.
The "sync crtc" is the crtc used to drive the display timing of a
drawable under DRI2 and DRI3/Present. If a drawable intersects
multiple video outputs, then normally the crtc is chosen which has
the largest intersection area with the drawable.
If multiple outputs / crtc's have exacty the same intersection
area then the crtc chosen was simply the first one with maximum
intersection. Iow. the choice was random, depending on plugging
order of displays.
This adds the ability to choose a preferred output in such a tie
situation. The RandR output marked as "primary output" is chosen
on such a tie.
This new behaviour and its implementation is consistent with other
video ddx drivers. See amdgpu-ddx, ati-ddx and nouveau-ddx for
reference. This commit is a straightforward port from amdgpu-ddx.
Signed-off-by: Mario Kleiner <mario.kleiner.de@gmail.com>
(cherry picked from commit 4b75e65766a9ef3a26d4c1c9d7af9fc6d1d7be5b)
commit 22f4ff1026eeffc566f87453d7f1f70dc23ad4e0
Author: Mario Kleiner <mario.kleiner.de@gmail.com>
Date: Fri Oct 1 08:49:10 2021 +0200
modesetting: Handle mixed VRR and non-VRR display setups better.
In a setup with both VRR capable and non-VRR capable displays,
it was so far inconsistent if the driver would allow use of
VRR support or not, as "is_connector_vrr_capable" was set to
whatever the capabilities of the last added drm output were.
Iow. the plugging order of monitors determined the outcome.
Fix this: Now if at least one display is VRR capable, the driver
will treat an X-Screen as capable for VRR, plugging order no
longer matters.
Tested with a dual-display setup with one VRR monitor and one
non-VRR monitor. This is also beneficial with the new Option
"AsyncFlipSecondaries".
When we are at it, also add some so far missing description of
the "VariableRefresh" driver option, copied from amdgpu-ddx.
Signed-off-by: Mario Kleiner <mario.kleiner.de@gmail.com>
(cherry picked from commit 017ce263376aa64a495c4d71a140a24b1dff7054)
commit 0d0986bf3b924ccb26e4bc6a8c06aed41f238683
Author: Mario Kleiner <mario.kleiner.de@gmail.com>
Date: Fri Oct 1 07:42:01 2021 +0200
modesetting: Enable GAMMA_LUT for lut's with up to 4096 slots.
A lut size of 4096 slots has been verified to work correctly,
as tested with amdgpu-kms. Intel Tigerlake Gen12 hw has a very
large GAMMA_LUT size of 262145 slots, but also issues with its
current GAMMA_LUT implementation, as of Linux 5.14.
Therefore we keep GAMMA_LUT off for large lut's. This currently
excludes Intel Icelake, Tigerlake and later.
This can be overriden via the "UseGammaLUT" boolean xorg.conf option
to force use of GAMMA_LUT on or off.
See following link for the Tigerlake situation:
https://gitlab.freedesktop.org/drm/intel/-/issues/3916#note_1085315
Signed-off-by: Mario Kleiner <mario.kleiner.de@gmail.com>
(cherry picked from commit 66e5a5bb12c58413a4d71781c5a7f63f675bfe55)
commit bc1327e6de82da560c97f66c9c196d9bbd2d24be
Author: Ray Strode <rstrode@redhat.com>
Date: Mon Oct 4 14:27:54 2021 -0400
Commit 446ff2d3177087b8173fa779fa5b77a2a128988b added checks to
prevalidate the size of incoming SetMap requests.
That commit checks for the XkbSetMapResizeTypes flag to be set before
allowing key types data to be processed.
key types data can be changed or even just sent wholesale unchanged
without the number of key types changing, however. The check for
XkbSetMapResizeTypes rejects those legitimate requests. In particular,
XkbChangeMap never sets XkbSetMapResizeTypes and so always fails now
any time XkbKeyTypesMask is in the changed mask.
This commit drops the check for XkbSetMapResizeTypes in flags when
prevalidating the request length.
(cherry picked from commit 8b7f4d3259e8b7d1eb3d8a83e8852989e869596a)
commit b87536682c185b6a825525d01e95e264018c0997
Author: Mario Kleiner <mario.kleiner.de@gmail.com>
Date: Tue Sep 14 07:52:33 2021 +0200
Revert "modesetting: Only use GAMMA_LUT if its size is 1024"
This reverts commit 617f591fc44e24413e1f91017d16734999bbbac1.
The problem described in that commit exists, but the two
preceeding commits with improvements to the servers RandR
code should avoid the mentioned problems while allowing the
use of GAMMA_LUT's instead of legacy gamma lut.
Use of legacy gamma lut's is not a good fix, because it will reduce
color output precision of gpu's with more than 1024 GAMMA_LUT
slots, e.g., AMD, ARM MALI and KOMEDA with 4096 slot luts,
and some Mediathek parts with 512 slot luts. On KOMEDA, legacy
lut's are completely unsupported by the kms driver, so gamma
correction gets disabled.
The situation is especially bad on Intel Icelake and later:
Use of legacy gamma tables will cause the kms driver to switch
to hardware legacy lut's with 256 slots, 8 bit wide, without
interpolation. This way color output precision is restricted to
8 bpc and any deep color / HDR output (10 bpc, fp16, fixed point 16)
becomes impossible. The latest Intel gen gpu's would have worse
color precision than parts which are more than 10 years old.
Signed-off-by: Mario Kleiner <mario.kleiner.de@gmail.com>
(cherry picked from commit 545fa90cbf37a4c18f013dabc9f3bfb8310a5a98)
commit 473a48660fc8a326312df2d5925017ce8152c7db
Author: Mario Kleiner <mario.kleiner.de@gmail.com>
Date: Tue Sep 14 07:51:46 2021 +0200
xfree86: Let xf86RandR12CrtcComputeGamma() deal with non-power-of-2 sizes.
The assumption in the upsampling code was that the crtc->gamma_size
size of the crtc's gamma table is a power of two. This is true for
almost all current driver + gpu combos at least on Linux, with typical
sizes of 256, 512, 1024 or 4096 slots.
However, Intel Gen-11 Icelake and later are outliers, as their gamma
table has 2^18 + 1 slots, very big and not a power of two!
Try to make upsampling behave at least reasonable: Replicate the
last gamma value to fill up remaining crtc->gamma_red/green/blue
slots, which would normally stay uninitialized. This is important,
because while the intel display driver does not actually use all
2^18+1 values passed as part of a GAMMA_LUT, it does need the
very last slot, which would not get initialized by the old code.
This should hopefully create reasonable behaviour with Icelake+
but is untested on the actual Intel hw due to lack of suitable
hw.
Signed-off-by: Mario Kleiner <mario.kleiner.de@gmail.com>
(cherry picked from commit 7326e131df3d1373dd796d9e2d931e81a3536bad)
commit b33f487a7ca276e11214eb45b87aab970ca43d79
Author: Mario Kleiner <mario.kleiner.de@gmail.com>
Date: Tue Sep 14 07:40:49 2021 +0200
xfree86: Avoid crash in xf86RandR12CrtcSetGamma() memcpy path.
If randrp->palette_size is zero, the memcpy() path can read past the
end of the randr_crtc's gammaRed/Green/Blue tables if the hw crtc's
gamma_size is greater than the randr_crtc's gammaSize.
Avoid this by clamping the to-be-copied size to the smaller of both
sizes.
Note that during regular server startup, the memcpy() path is only
taken initially twice, but then a suitable palette is created for
use during a session. Therefore during an actual running X-Session,
the xf86RandR12CrtcComputeGamma() will be used, which makes sure that
data is properly up- or down-sampled for mismatching source and
target crtc gamma sizes.
This should avoid reading past randr_crtc gamma memory for gpu's
with big crtc->gamma_size, e.g., AMD/MALI/KOMEDA 4096 slots, or
Intel Icelake and later with 262145 slots.
Tested against modesetting-ddx and amdgpu-ddx under screen color
depth 24 (8 bpc) and 30 (10 bpc) to make sure that clamping happens
properly.
This is an alternative fix for the one attempted in commit
617f591fc44e24413e1f91017d16734999bbbac1.
Signed-off-by: Mario Kleiner <mario.kleiner.de@gmail.com>
(cherry picked from commit 966f567432e91762382db09129f8fb4e2e434437)
commit d1ca47e1242b51c79cec7287f52c36c8e494706b
Author: Olivier Fourdan <ofourdan@redhat.com>
glamor: Fix leak in glamor_build_program()
Fix the possible leak of `vs_prog_string` and `fs_prog_string` in case
of failure, as reported by covscan.
Signed-off-by: Olivier Fourdan <ofourdan@redhat.com>
Reviewed-by: Peter Hutterer <peter.hutterer@who-t.net>
Reviewed-by: Michel Dänzer <mdaenzer@redhat.com>
(cherry picked from commit 2906ee5e4a722138cccb3265a615da7705a52589)
commit d00e7dfc9da165810a578fa0910475686e1fa51c
Author: Povilas Kanapickas <povilas@radix.lt>
Date: Tue Sep 21 23:35:42 2021 +0300
xserver 21.1 RC 1
Signed-off-by: Povilas Kanapickas <povilas@radix.lt>
commit 4ee66f574a70948ca90a5db94dd666a389a5ff3e
Author: Povilas Kanapickas <povilas@radix.lt>
Date: Wed Sep 15 21:49:17 2021 +0300
1685
1686
1687
1688
1689
1690
1691
1692
1693
1694
1695
1696
1697
1698
1699
1700
1701
1702
1703
1704
1705
1706
1707
1708
1709
1710
1711
1712
1713
1714
1715
1716
1717
1718
1719
1720
1721
1722
1723
1724
1725
1726
1727
1728
1729
1730
1731
1732
1733
1734
1735
1736
1737
1738
1739
1740
1741
1742
1743
1744
1745
1746
1747
1748
1749
1750
1751
1752
1753
1754
1755
1756
1757
1758
1759
1760
1761
1762
1763
1764
1765
Drop XWayland DDX
commit 72c5d153c920d769802ed73a1b9bfd0d32e7c178
Author: Aaron Plattner <aplattner@nvidia.com>
Date: Fri Sep 10 11:02:00 2021 -0700
xfree86: NUL-terminate strings in hwEnableIO
The Linux version of xf86EnableIO calls a helper function called hwEnableIO().
Except on Alpha, this function reads /proc/ioports looking for the 'keyboard'
and 'timer' ports, extracts the port ranges, and enables access to them. It does
this by reading 4 bytes from the string for the start port number and 4 bytes
for the last port number, passing those to atoi(). However, it doesn't add a
fifth byte for a NUL terminator, so some implementations of atoi() read past the
end of this string, triggering an AddressSanitizer error:
==1383==ERROR: AddressSanitizer: stack-buffer-overflow on address 0x7fff71fd5b74 at pc 0x7fe1be0de3e0 bp 0x7fff71fd5ae0 sp 0x7fff71fd5288
READ of size 5 at 0x7fff71fd5b74 thread T0
#0 0x7fe1be0de3df in __interceptor_atoi /build/gcc/src/gcc/libsanitizer/asan/asan_interceptors.cpp:520
#1 0x564971adcc45 in hwEnableIO ../hw/xfree86/os-support/linux/lnx_video.c:138
#2 0x564971adce87 in xf86EnableIO ../hw/xfree86/os-support/linux/lnx_video.c:174
#3 0x5649719f6a30 in InitOutput ../hw/xfree86/common/xf86Init.c:439
#4 0x564971585924 in dix_main ../dix/main.c:190
#5 0x564971b6246e in main ../dix/stubmain.c:34
#6 0x7fe1bdab6b24 in __libc_start_main (/usr/lib/libc.so.6+0x27b24)
#7 0x564971490e9d in _start (/home/aaron/git/x/xserver/build.asan/hw/xfree86/Xorg+0xb2e9d)
Address 0x7fff71fd5b74 is located in stack of thread T0 at offset 100 in frame
#0 0x564971adc96a in hwEnableIO ../hw/xfree86/os-support/linux/lnx_video.c:118
This frame has 3 object(s):
[32, 40) 'n' (line 120)
[64, 72) 'buf' (line 122)
[96, 100) 'target' (line 122) <== Memory access at offset 100 overflows this variable
HINT: this may be a false positive if your program uses some custom stack unwind mechanism, swapcontext or vfork
(longjmp and C++ exceptions *are* supported)
SUMMARY: AddressSanitizer: stack-buffer-overflow /build/gcc/src/gcc/libsanitizer/asan/asan_interceptors.cpp:520 in __interceptor_atoi
Shadow bytes around the buggy address:
0x10006e3f2b10: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
0x10006e3f2b20: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
0x10006e3f2b30: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
0x10006e3f2b40: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
0x10006e3f2b50: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
=>0x10006e3f2b60: 00 00 f1 f1 f1 f1 00 f2 f2 f2 00 f2 f2 f2[04]f3
0x10006e3f2b70: f3 f3 00 00 00 00 00 00 00 00 00 00 00 00 00 00
0x10006e3f2b80: 00 00 00 00 00 00 00 00 00 00 00 00 f1 f1 f1 f1
0x10006e3f2b90: f1 f1 f8 f2 00 f2 f2 f2 f8 f3 f3 f3 00 00 00 00
0x10006e3f2ba0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 f1 f1
0x10006e3f2bb0: f1 f1 00 f3 f3 f3 00 00 00 00 00 00 00 00 00 00
Shadow byte legend (one shadow byte represents 8 application bytes):
Addressable: 00
Partially addressable: 01 02 03 04 05 06 07
Heap left redzone: fa
Freed heap region: fd
Stack left redzone: f1
Stack mid redzone: f2
Stack right redzone: f3
Stack after return: f5
Stack use after scope: f8
Global redzone: f9
Global init order: f6
Poisoned by user: f7
Container overflow: fc
Array cookie: ac
Intra object redzone: bb
ASan internal: fe
Left alloca redzone: ca
Right alloca redzone: cb
Shadow gap: cc
==1383==ABORTING
Fix this by NUL-terminating the string.
Fixes: https://gitlab.freedesktop.org/xorg/xserver/-/issues/1193#note_1053306
Signed-off-by: Aaron Plattner <aplattner@nvidia.com>
commit 617f591fc44e24413e1f91017d16734999bbbac1
Author: Aaron Plattner <aplattner@nvidia.com>
Date: Thu Sep 9 15:29:50 2021 -0700
modesetting: Only use GAMMA_LUT if its size is 1024
GAMMA_LUT sizes other than 1024 cause a crash during startup if the memcpy()
calls in xf86RandR12CrtcSetGamma() read past the end of the legacy X11 /
XVidMode gamma ramp.
This is a problem on Intel ICL / GEN11 platforms because they report a GAMMA_LUT
size of 262145. Since it's not clear that the modesetting driver will generate a
proper gamma ramp at that size even if xf86RandR12CrtcSetGamma() is fixed, just
disable use of GAMMA_LUT for sizes other than 1024 for now. This will cause the
modesetting driver to disable the CTM property and fall back to the legacy gamma
LUT.
Signed-off-by: Aaron Plattner <aplattner@nvidia.com>
Fixes: https://gitlab.freedesktop.org/xorg/xserver/-/issues/1193
Tested-by: Mark Herbert
commit e59e24c8779de65db87b8c07bc3f2abb479be082
Author: Povilas Kanapickas <povilas@radix.lt>
Date: Mon Sep 6 22:41:32 2021 +0300
glamor: Fix handling of 1-bit pixmaps
Since 8702c938b33b9ec180d64754eb922515c7c4a98b the pixmap formats are
handled in a single place. In the process of conversion the difference
between pixmap formats that can be uploaded and those that can be
rendered on GL side has been lost. This affects only 1-bit pixmaps: as
they aren't supported on GL, but can be converted to a R8 or A8 format
for rendering (see glamor_get_tex_format_type_from_pictformat()).
To work around this we add a separate flag that specifies whether the
format actually supports rendering in GL, convert all checks to use this
flag and then add 1-bit pixmap formats that don't support rendering in
GL.
Fixes: 8702c938b33b9ec180d64754eb922515c7c4a98b
Closes: https://gitlab.freedesktop.org/xorg/xserver/-/issues/1210
Acked-by: Olivier Fourdan <ofourdan@redhat.com>
Tested-by: Olivier Fourdan <ofourdan@redhat.com>
Reviewed-by: Adam Jackson <ajax@redhat.com>
Signed-off-by: Povilas Kanapickas <povilas@radix.lt>
1807
1808
1809
1810
1811
1812
1813
1814
1815
1816
1817
1818
1819
1820
1821
1822
1823
1824
1825
1826
1827
1828
1829
1830
1831
1832
1833
1834
1835
1836
1837
1838
1839
1840
1841
1842
1843
1844
1845
1846
1847
1848
1849
1850
1851
1852
1853
1854
1855
1856
1857
1858
1859
1860
1861
1862
1863
1864
1865
1866
1867
1868
1869
1870
1871
1872
1873
1874
1875
1876
1877
1878
1879
1880
1881
1882
1883
1884
1885
1886
1887
1888
commit 68f01c0f02ece4f6efe9ce18be81244246a1e114
Author: Mario Kleiner <mario.kleiner.de@gmail.com>
Date: Mon Aug 30 05:42:04 2021 +0200
modesetting: Add option for non-vsynced flips for "secondary" outputs.
Whenever an unredirected fullscreen window uses pageflipping for a
DRI3/Present PresentPixmap() operation and the X-Screen has more than
one active output, multiple crtc's need to execute pageflips. Only
after the last flip has completed can the PresentPixmap operation
as a whole complete.
If a sync_flip is requested for the present, then the current
implementation will synchronize each pageflip to the vblank of
its associated crtc. This provides tear-free image presentation
across all outputs, but introduces a different artifact, if not
all outputs run at the same refresh rate with perfect synchrony:
The slowest output throttles the presentation rate, and present
completion is delayed to flip completion of the "latest" output
to complete. This means degraded performance, e.g., a dual-display
setup with a 144 Hz monitor and a 60 Hz monitor will always be
throttled to at most 60 fps. It also means non-constant present
rate if refresh cycles drift against each other, creating complex
"beat patterns", tremors, stutters and periodic slowdowns - quite
irritating!
Such a scenario will be especially annoying if one uses multiple
outputs in "mirror mode" aka "clone mode". One output will usually
be the "production output" with the highest quality and fastest
display attached, whereas a secondary mirror output just has a
cheaper display for monitoring attached. Users care about perfect
and perfectly timed tear-free presentation on the "production output",
but cares less about quality on the secondary "mirror output". They
are willing to trade quality on secondary outputs away in exchange
for better presentation timing on the "production output".
One example use case for such production + monitoring displays are
neuroscience / medical science applications where one high quality
display device is used to present visual animations to test subjects
or patients in a fMRI scanner room (production display), whereas
an operator monitors the same visual animations from a control room
on a lower quality display. Presentation timing needs to be perfect,
and animations high-speed and tear-free for the production display,
whereas quality and timing don't matter for the monitoring display.
This commit gives users the option to choose such a trade-off as
opt-in:
It adds a new boolean option "AsyncFlipSecondaries" to the device section
of xorg.conf. If this option is specified as true, then DRI3 pageflip
behaviour changes as follows:
1. The "reference crtc" for a windows PresentPixmap operation does a
vblank synced flip, or a DRM_MODE_PAGE_FLIP_ASYNC non-synchronized
flip, as requested by the caller, just as in the past. Typically
flips will be requested to be vblank synchronized for tear-free
presentation. The "reference crtc" is the one chosen by the caller
to drive presentation timing (as specified by PresentPixmap()'s
"target_msc", "divisor", "remainder" parameters and implemented by
vblank events) and to deliver Present completion timestamps (msc
and ust) extracted from its pageflip completion event.
2. All other crtc's, which also page-flip in a multi-display configuration,
will try to flip with DRM_MODE_PAGE_FLIP_ASYNC, ie. immediately and
not synchronized to vblank. This allows the PresentPixmap operation
to complete with little delay compared to a single-display present,
especially if the different crtc's run at different video refresh
rates or their refresh cycles are not perfectly synchronized, but
drift against each other. The downside is potential tearing artifacts
on all outputs apart from the one of the "reference crtc".
Successfully tested on a AMD gpu with single-display, dual-display and
triple-display setups, and with single-X-Screen as well as dual-X-Screen
"ZaphodHeads" configurations.
Please consider merging this commit for the upcoming server 1.21 branch.
Signed-off-by: Mario Kleiner <mario.kleiner.de@gmail.com>
commit 1fd5dec11bbb85e87f70a39f1c1b59af95a7feaf
Author: Ignacio Casal Quinteiro <qignacio@amazon.com>
Date: Tue Sep 7 16:58:10 2021 +0200
touchevents: set the screen pointer after checking the device is enabled
If the device is disabled the sprite is NULL so we get a seg fault
commit b3b81c8c2090cd49410960a021baf0d27fdd2ab3
Author: Povilas Kanapickas <povilas@radix.lt>
Date: Fri Sep 3 14:33:15 2021 +0300
It turns out xdmx currently crashes when any client attempts to use GL
and it has been in such state for about 14 years. There was a patch to
fix the problem [1] 4 years ago, but it never got merged. The last
activity on any bugs referring to xdmx has been more than 4 years ago.
Given such situation, I find it unlikely that anyone is still using xdmx
and just having the code is a drain of resources.
[1]: https://lists.x.org/archives/xorg-devel/2017-June/053919.html
Signed-off-by: Povilas Kanapickas <povilas@radix.lt>
1912
1913
1914
1915
1916
1917
1918
1919
1920
1921
1922
1923
1924
1925
1926
1927
1928
1929
1930
1931
1932
1933
1934
1935
1936
1937
1938
1939
1940
1941
1942
1943
1944
1945
1946
1947
1948
1949
1950
1951
1952
1953
1954
1955
1956
1957
1958
1959
1960
1961
1962
1963
1964
1965
1966
commit 8f8ebf870b55c9875b7cfd8ef69c1df02d589b4a
Author: Mario Kleiner <mario.kleiner.de@gmail.com>
Date: Sat Aug 28 02:27:20 2021 +0200
modesetting: Allow Present flips with mismatched stride on atomic drivers.
When using DRI3+Present with PRIME render offload, sometimes there is
a mismatch between the stride of the to-be-presented Pixmap and the
frontbuffer. The current code would reject a pageflip present in this
case if atomic modesetting is not enabled, ie. always, as atomic
modesetting is disabled by default due to brokeness in the current
modesetting-ddx.
Fullscreen presents without page flipping however trigger the copy
path as fallback, which causes not only unreliable presentation timing
and degraded performance, but also massive tearing artifacts due to
rendering to the framebuffer without any hardware sync to vblank.
Tearing is extra awful on modesetting-ddx because glamor afaics seems
to use drawing of a textured triangle strip for the copy implementation,
not a dedicated blitter engine. The rasterization pattern creates extra
awful tearing artifacts.
We can do better: According to a tip from Michel Daenzer (thanks!),
at least atomic modesetting capable kms drivers should be able to
reliably change scanout stride during a pageflip, even if atomic
modesetting is not actually enabled for the modesetting client.
This commit adds detection logic to find out if the underlying kms
driver is atomic_modeset_capable, and if so, it no longer rejects
page flip presents on mismatched stride between new Pixmap and
frontbuffer.
We (ab)use a call to drmSetClientCap(ms->fd, DRM_CLIENT_CAP_ATOMIC, 0);
for this purpose. The call itself has no practical effect, as it
requests disabling atomic mode, although atomic mode is disabled by
default. However, the return value of drmSetClientCap() tells us if the
underlying kms driver is atomic modesetting capable: An atomic driver
will return 0 for success. A legacy non-atomic driver will return a
non-zero error code, either -EINVAL for early atomic Linux versions
4.0 - 4.19 (or for non-atomic Linux 3.x and earlier), or -EOPNOTSUPP
for Linux 4.20 and later.
Testing on a MacBookPro 2017 with Intel Kabylake display server gpu +
AMD Polaris11 as prime renderoffload gpu, X-Server master + Mesa 21.0.3
show improvement from unbearable tearing to perfect, despite a stride
mismatch between display gpu and Pixmap of 11776 Bytes vs. 11520
Bytes. That this is correct behaviour was also confirmed by comparing the
behaviour and .check_flip implementation of the patched modesetting-ddx
against the current intel-ddx SNA Present implementation.
Please consider merging this patch before the server-1.21 branch point.
This patch could also be cherry-picked into the server 1.20 branch to
fix the same limitation.
Signed-off-by: Mario Kleiner <mario.kleiner.de@gmail.com>
commit 7d34b1f2b7c612c3171e0b9758b5fc094bc33f63
Author: Simon Ser <contact@emersion.fr>
Date: Fri Jun 18 11:04:45 2021 +0200
xwayland: add -noTouchPointerEmulation
In some scenarios, the Wayland compositor might have more knowledge
than the X11 server and may be able to perform pointer emulation for
touch events better. Add a command-line switch to allow compositors
to turn Xwayland pointer emulation off.
1979
1980
1981
1982
1983
1984
1985
1986
1987
1988
1989
1990
1991
1992
1993
1994
1995
1996
1997
1998
1999
2000
2001
2002
2003
2004
2005
2006
2007
2008
2009
2010
2011
2012
2013
2014
2015
2016
2017
2018
2019
2020
2021
2022
2023
2024
2025
2026
2027
2028
2029
2030
2031
2032
2033
2034
2035
2036
2037
2038
2039
2040
2041
2042
2043
2044
2045
2046
2047
2048
2049
2050
2051
2052
2053
2054
2055
2056
2057
2058
2059
2060
2061
2062
2063
2064
2065
2066
2067
2068
2069
2070
2071
2072
2073
Signed-off-by: Simon Ser <contact@emersion.fr>
commit 7c63c582a17b206a33b57a70dd61e7919a6ef9fe
Author: Mario Kleiner <mario.kleiner.de@gmail.com>
Date: Thu Aug 26 17:06:49 2021 +0200
Revert "glamor: Enable modifier support for xfree86 too"
This reverts commit 9b8999411033c9473cd68e92e4690a91aecf5b95.
Turns out that defaulting glamor_egl->dmabuf_capable = TRUE
breaks kms page-flipping on various Mesa+Linux/DRM-KMS+hardware
combos, resulting in broken presentation timing, degraded performance
and awful tearing. E.g., my testing shows that X-Server master +
Mesa 21.2 + Linux 5.3 on Intel Kabylake has broken pageflipping.
Similar behaviour was observed in the past on RaspberryPi 4/400
with VideoCore-6 by myself and others, and iirc by myself on some
AMD gpu's, although my memories of the latter are a bit dim.
Cfe. https://gitlab.freedesktop.org/mesa/mesa/-/issues/3601 and
possibly https://gitlab.freedesktop.org/xorg/xserver/-/merge_requests/254
for related problems.
The reason for pageflip failure on the modesetting-ddx under
DRI3/Present seems to be the following sequence:
1. Atomic modesetting for the modesetting-ddx is broken and therefore
both disabled by default in the modesetting-ddx itself and also
force-disabled by the Linux kernel since quite a while. If the kernel
detects drmSetClientCap(fd, DRM_CLIENT_CAP_ATOMIC, 1); from the
X-Server, it will reject the request, as a countermeasure to all the
past and current brokeness.
2. Without DRM_CLIENT_CAP_ATOMIC we don't get the implied universal
planes support (DRM_CLIENT_CAP_UNIVERSAL_PLANES).
3. Without DRM_CLIENT_CAP_UNIVERSAL_PLANES, drmModeGetPlaneResources()
will only return overlay planes, but not primary- or cursor planes.
4. As modesetting-ddx drmmode_crtc_create_planes() function can only
operate on primary planes, but can't get any from drmModeGetPlaneResources(),
the drmmode_crtc_create_planes() mostly turns into a no-op, never
executes populate_format_modifiers() and therefore the Linux kernels
DRM-KMS driver is not ever queried for the list of scanout/pageflip
capable DRM format modifiers. Iow. the drmmode_crtc->formats[i].modifiers
list stays empty with zero drmmode_crtc->formats[i].num_modifiers.
5. The list from step 4 provides the format+modifiers for intersection
which would get returned by the X-Servers DRI3 backend as response to
a xcb_dri3_get_supported_modifiers_window_modifiers() request. Given
an empty list was returned in step 4, this will lead to return of an
empty modifiers list by xcb_dri3_get_supported_modifiers_window_modifiers().
6. Both Mesa's DRI3/Present OpenGL backbuffer allocation logic and iirc
Mesa/Vulkan/WSI/X11's swapchain image allocation logic use the list
from xcb_dri3_get_supported_modifiers_window_modifiers() for format+
modifier selection for scanout/pageflip capable buffers. Cfe. Mesa's
dri3_alloc_render_buffer() function.
Due to the empty list, the Mesa code falls back to the format+modifiers
reported by xcb_dri3_get_supported_modifiers_screen_modifiers()
instead. This list contains all modifiers reported by GLAMOR as
result of glamor_get_formats() and glamor_get_modifiers(), which
in turn are query results from Mesa eglQueryDmaBufFormatsEXT()
and eglQueryDmaBufModifiersEXT(). Iow. all format+modifiers which
are supported for rendering are considered for the OpenGL backbuffers
and Vulkan swapchain buffers.
7. Depending on kms driver + gpu combo and Mesa version, such buffers
are often not direct-scanout / pageflip capable, and so pageflipping
can't be used for DRI3/Present of fullscreen windows. Whenever the
system has to fallback to copies instead of pageflips, the results
are broken presentation timing, degraded performance and quite
horrible tearing, as the current DRI3/Present implementation does not
perform any hardware synchronization of copy presents to the start
of vblank or similar.
By defaulting glamor_egl->dmabuf_capable = FALSE instead, as the server
1.20 branch does, we avoid this failure:
1. glamor_get_modifiers() turns into a no-op and returns false, not
reporting any supported dmabuf modifiers to the servers DRI3 code,
ie. the servers cache_formats_and_modifiers() function can't retrieve
and cache any format+modifiers. Therefore the servers DRI3 code now
also reports an empty format+modifiers list when Mesa does a
xcb_dri3_get_supported_modifiers_screen_modifiers() query.
2. Mesa's buffer allocation code therefore falls back to using the old
DRI image extensions createImage() function to allocate buffers
with use flags __DRI_IMAGE_USE_SCANOUT | __DRI_IMAGE_USE_BACKBUFFER
and our OpenGL backbuffers / Vulkan swapchain images get allocated
in a direct-scanout / pageflip capable format. Pageflipping works,
timing and performance is good, presentation is tear-free.
Please consider merging this for branching the X-Server 1.21 branch.
Signed-off-by: Mario Kleiner <mario.kleiner.de@gmail.com>
commit c5a9287dcf8d77ab104d56ac27ad6b1ff957fdfb
Author: Jon Turney <jon.turney@dronecode.org.uk>
Date: Wed May 12 16:51:26 2021 +0100
Don't underlink inputtest on targets which require complete linkage
Don't underlink inputtest on targets which require complete linkage
(e.g. when building for PE/COFF)
commit d68b50ec032fe4f02bde817abfd30328ec96a11c
Author: Jon Turney <jon.turney@dronecode.org.uk>
Date: Sat Jul 10 17:38:01 2021 +0100
Fix compilation with windows.h from latest w32api
misc.h has complex logic (checking MAXSHORT is undefined etc.)
controlling if it includes assert.h or not.
Including windows.h from w32api 9.0.0 now trips over that, causing
assert.h to not be included, causing various errors, e.g.
In file included from ../include/cursor.h:53,
from ../include/dix.h:54,
from ../os/osdep.h:139,
from ../hw/xwin/winauth.c:40:
../include/privates.h: In function ‘dixGetPrivateAddr’:
../include/privates.h:121:5: error: implicit declaration of function ‘assert’ [-Werror=implicit-function-declaration]
Fix this by IWYU in privates.h
commit ab86be0ed9233d6683daf00d359c562b12e137c8
Author: Mario Kleiner <mario.kleiner.de@gmail.com>
Date: Fri Aug 27 19:27:29 2021 +0200
modesetting: Fix VRR window property handling.
A misplaced error check can cause this failure scenario, and does
so reliably as tested on Ubuntu 21.04 with KDE Plasma 5 desktop
within the first few seconds of login session startup, rendering
VRR under modesetting-ddx unusable:
1. Some X11 client application changes some window property.
2. ms_change_property() is called as part of the property change
handling call chain (client->requestVector[X_ChangeProperty]).
It removes itself temporarily from the call chain - or so it
thinks, hooking up saved_change_property instead.
3. ret = saved_change_property(client) is called and fails
temporarily for some non-critical reason.
4. The misplaced error check returns early (error abort), without
first restoring ms_change_property() as initial X_ChangeProperty
handler in the call chain again.
-> Now ms_change_property() has removed itself permanently from the
property handler call chain for the remainder of the X session
and VRR property changes on windows are no longer handled, ie.
VRR no longer gets enabled/disabled in response to window VRR
property changes.
Place the error check at the proper place, just as it is correctly
done by amdgpu-ddx, and in modesetting-ddx ms_delete_property()
function.
Verified to fix VRR handling with an AMD gpu under KDE desktop
session.
Please consider merging before branching the server 1.21 branch.
Signed-off-by: Mario Kleiner <mario.kleiner.de@gmail.com>
commit 18d3131f9a332096825c09106a931c427246ddb7
Author: Povilas Kanapickas <povilas@radix.lt>
Date: Thu Aug 5 22:43:54 2021 +0300
meson: Implement developer documentation build
Signed-off-by: Povilas Kanapickas <povilas@radix.lt>
commit 722da1c62caad961ce09fc226daf84465f4b7a7e
Author: Povilas Kanapickas <povilas@radix.lt>
Date: Fri Aug 6 15:21:53 2021 +0300
meson: Add option to disable libdrm support
Signed-off-by: Povilas Kanapickas <povilas@radix.lt>
commit 1f720dc9a319bb66e2f5f28568614e81aa9e9e4d
Author: Adam Jackson <ajax@redhat.com>
Date: Tue Aug 17 16:06:57 2021 -0400
dmx: Fix some redeclaration warnings from gcc 11
../hw/dmx/config/xdmxconfig.c:68:26: warning: redundant redeclaration of ‘dmxConfigEntry’ [-Wredundant-decls]
68 | extern DMXConfigEntryPtr dmxConfigEntry;
| ^~~~~~~~~~~~~~
commit b49f0f9b323d66056aa9cd88f9ca1a124037bf32
Author: Adam Jackson <ajax@redhat.com>
Date: Tue Aug 17 16:04:40 2021 -0400
In function ‘TryCopyStr’,
inlined from ‘CopyISOLockArgs’ at ../xkb/xkbtext.c:875:9:
../xkb/xkbtext.c:720:13: warning: ‘tbuf’ may be used uninitialized [-Wmaybe-uninitialized]
720 | strcat(to, from);
| ^~~~~~~~~~~~~~~~
../xkb/xkbtext.c: In function ‘CopyISOLockArgs’:
<built-in>: note: by argument 1 of type ‘const char *’ to ‘__builtin_strlen’ declared here
../xkb/xkbtext.c:871:10: note: ‘tbuf’ declared here
871 | char tbuf[64];
| ^~~~
Just initialize tbuf so it definitely works.
commit c1138d8ec8d029de54261e355c0e5da0b001044a
Author: Adam Jackson <ajax@redhat.com>
Date: Fri Jul 9 15:30:16 2021 -0400
Loading
Loading full blame...