Draft
Conversation
metux
force-pushed
the
rfc/backport-25.0
branch
2 times, most recently
from
bea2846 to
3131b2c
Compare
Free nested allocations when initialization fails. Several code paths returned early on error without releasing memory owned by embedded structures, leading to leaks. Found by Linux Verification Center (linuxtesting.org) with SVACE. Signed-off-by: Mikhail Dmitrichenko <m.dmitrichenko222@gmail.com> Part-of: <https://gitlab.freedesktop.org/xorg/xserver/-/merge_requests/2125>
A key type that has no level names is legit. Before this commit, `XkbCopyKeymap` would make such level inconsistent by setting its number of levels to 0 while keeping its map entries. It suffices to clear the names array. Fixed by copying the level count from the source type. WARNING: this will trigger an error in `XkbGetNames`, which worked before this commit only by chance. This is fixed in the next commit. Part-of: <https://gitlab.freedesktop.org/xorg/xserver/-/merge_requests/2082>
Before this commit the count of key type level names was wrongly set in `XkbGetNames`: for key type without names, it was set to the level count, while it should be 0: - `XkbComputeGetNamesReplySize()` does not account key type without level names; - `XkbSendNames()` does not write any level entry for key types without level names. This causes a mismatch offset while parsing the response and its processing would ultimately fail. Fixed by setting the correct level name count: 0 if there is no level name, else the number of levels. Part-of: <https://gitlab.freedesktop.org/xorg/xserver/-/merge_requests/2082>
When doing reverse PRIME, the buffer being scaned out is still the front BO. Properly reuse its fb_id, to prevent adding a FB for the front_bo each time the fb_id is requested. Signed-off-by: Icenowy Zheng <uwu@icenowy.me> Part-of: <https://gitlab.freedesktop.org/xorg/xserver/-/merge_requests/2064>
When validating the size passed to SetScreenSize, the CRTC mode size needs to be applied the full CRTC transform, otherwise the check may bogusly fail. Do a full transform on the CRTC mode size when checking the SetScreenSize request size instead of the current code that only manually handles rotation. Signed-off-by: Icenowy Zheng <uwu@icenowy.me> Part-of: <https://gitlab.freedesktop.org/xorg/xserver/-/merge_requests/1971>
Use intel ddx only on pre-gen4 hw, newer ones will fall back to modesetting. Instead of defaulting to the Intel driver for all Intel hardware, only default it for older hardware for which it has shown to be better for. Note that Debian/Fedora and their derivatives, as well as the yocto project have been carrying this patch for many years: https://salsa.debian.org/xorg-team/xserver/xorg-server/-/commit/192254841ab79e102c18fc299f18af0e27d5b517 https://src.fedoraproject.org/rpms/xorg-x11-server/c/ee515e44b07e37689abf48cf2fffb41578f3bc1d so this simply aligns xserver upstream with Linux distributions. Signed-off-by: California Sullivan <california.l.sullivan@intel.com> Signed-off-by: Alexander Kanavin <alex@linutronix.de> Co-authored-by: Balló György <ballogyor@gmail.com> Reviewed-by: Emma Anholt <emma@anholt.net> Part-of: <https://gitlab.freedesktop.org/xorg/xserver/-/merge_requests/1887>
This reverts commit 530e803. The commit breaks xts5/Xlib9/XDrawLines/XDrawLines test as per https://gitlab.freedesktop.org/xorg/xserver/-/issues/1801#note_2812218 Part-of: <https://gitlab.freedesktop.org/xorg/xserver/-/merge_requests/1858>
Present calls drmmode_set_mode_major() as part of ms_present_unflip(), which leads to a crash due to the recursive attempt to force present to unflip when it already is. Fix it by simply skipping the forced present unflip when present itself is unflipping. This also speeds up drmmmode_prepare_modeset() when present isn't even flipping to begin with. Closes: https://gitlab.freedesktop.org/xorg/xserver/-/issues/1791 Fixes: 899c87a ("modesetting: unflip before any setcrtc() calls") Signed-off-by: Sultan Alsawaf <sultan@kerneltoast.com> Part-of: <https://gitlab.freedesktop.org/xorg/xserver/-/merge_requests/1793>
This fix use after free when a pluggable gpu screen (such as displaylink) was set as primary screen and unpluged. gdb backtrace: #0 OssigHandler (signo=11, sip=0x7fff2e0a50f0, unused=0x7fff2e0a4fc0) at ../../../../os/osinit.c:138 #1 <signal handler called> #2 rrGetscreenResources (client=0x3195160, query=0) at ../../../../randr/rrscreen.c:577 #3 0x0000000000562bae in ProcRRGetscreenResourcesCurrent (client=0x3195160) at ../../../../randr/rrscreen.c:652 #4 OxOOOOB0000054de63 in ProcRRDispatch (client=0x3195160) at ../../../../randr/randr.c:717 #5 0x00000000004322c6 in Dispatch () at ../../../../dix/dispatch.c:485 #6 0x0900900990443139 in dix_main (argc=12, argv=0x7fff2e0a5f78, envp=0x7fff2e0a5fe0) at ../../../../dix/main.c:276 #7 0X0000000000421d9a in main (argc=12, argv=0x7fff2e0a5f78, envp=0x7fff2e0a5fe0) at ../../../../dix/stubmain.c:34 Signed-off-by: hongao <hongao@uniontech.com> Part-of: <https://gitlab.freedesktop.org/xorg/xserver/-/merge_requests/1553>
This commit is to fix some regression caused by commit 995e60a where DamageEmpty on damage was missing in several places. Signed-off-by: Dongwon Kim <dongwon.kim@intel.com> Part-of: <https://gitlab.freedesktop.org/xorg/xserver/-/merge_requests/1486>
If privates[xf86CrtcConfigPrivateIndex].ptr is NULL, this will cause a segfault. Possible fix for !1241 Signed-off-by: Benjamin Valentin <benjamin.valentin@ml-pa.com> Part-of: <https://gitlab.freedesktop.org/xorg/xserver/-/merge_requests/835>
Re-map the SELinux security classes on policy loads, as the mapping will
be desynchronized (see man:selinux_set_mapping(3)) and audit messages
will not show the actual class and permission names:
USER_AVC pid=24283 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:xorg_t:s0 msg='avc: denied { 0x10 } for request=XFIXES:SelectSelectionInput comm=/usr/bin/python3 resid=6400001 restype=WINDOW scontext=xuser_u:xuser_r:systemd_user_instance_generic_bin_t:s0 tcontext=xuser_u:object_r:xorg_t:s0 tclass=(null) permissive=1
In addition use type-safe assignments.
Signed-off-by: Christian Göttsche <cgzones@googlemail.com>
Part-of: <https://gitlab.freedesktop.org/xorg/xserver/-/merge_requests/801>
Use revert-to-parent X focus mode, as recommended in ICCCM 4.1.7 Part-of: <https://gitlab.freedesktop.org/xorg/xserver/-/merge_requests/736>
…focus In the multiwindow WM, we need to cancel the X input focus if the Windows input focus has gone to the desktop, or another application's window. We could maybe avoid some unneeded work by not doing this if the WM_KILLFOCUS wParam is another window owned by us, which is immediately going to be given the X input focus. Part-of: <https://gitlab.freedesktop.org/xorg/xserver/-/merge_requests/736>
The previous change is not enough, as WM_KILLFOCUS can apparently be sent to the window losing focus after WM_ACTIVATE has been sent to the window gaining focus. Try using WM_SETFOCUS instead, as that has the correct ordering and seems more logical. The test "!pWin || !pWin->overrideRedirect" is confusingly written: It's true if: (a) pWin is NULL (= X window doesn't exist, shouldn't happen), or (b) pWin->overrideRedirect is FALSE i.e. the intended effect is "don't give focus to override redirect windows" There seem to be some cases where this still isn't quite correct: A reproduction isn't known, but it seems to be related to minimizing a maximized Windows window, and having window activation move to a maximized X window beneath it. Part-of: <https://gitlab.freedesktop.org/xorg/xserver/-/merge_requests/736>
Don't indicate we've processed WM_ACTIVATE, so DefWindowProc can do not-clearly specified default things with the focus. Part-of: <https://gitlab.freedesktop.org/xorg/xserver/-/merge_requests/736>
Avoids build warnings & failures, such as:
../os/xserver_poll.h:40: warning: "POLLNVAL" redefined
40 | #define POLLNVAL 0x20
|
/usr/share/mingw-w64/include/winsock2.h:1190: note: this is the location
of the previous definition
1190 | #define POLLNVAL 0x0004
|
../os/xserver_poll.h:42:8: error: redefinition of ‘struct pollfd’
42 | struct pollfd
| ^~~~~~
/usr/share/mingw-w64/include/winsock2.h:1192:16: note: originally defined here
1192 | typedef struct pollfd {
| ^~~~~~
Signed-off-by: Alan Coopersmith <alan.coopersmith@oracle.com>
Part-of: <https://gitlab.freedesktop.org/xorg/xserver/-/merge_requests/2141>
The Render extension's Trapezoids and Triangles operations (fbTrapezoids, fbTriangles) render directly via pixman through fbShapes without going through ps->Composite, so RootlessComposite never fires for these operations. This means RootlessStartDrawing is not called and the macOS compositor is not notified of changed pixels. Add RootlessTrapezoids and RootlessTriangles wrappers following the same pattern as RootlessComposite: call RootlessStartDrawing before the operation, then compute the bounding box via miTrapezoidBounds or miTriangleBounds and call RootlessDamageBox after. The default miTriStrip and miTriFan implementations decompose their input into triangles and dispatch through ps->Triangles, so the RootlessTriangles wrapper covers TriStrip and TriFan as well. Also add a RootlessCompositeRects wrapper as defense-in-depth. The current miCompositeRects implementation already has partial rootless coverage: PictOpSrc/PictOpClear go through the GC layer, and other ops route through CompositePicture -> RootlessComposite. Wrapping at the PictureScreen level ensures robustness regardless of the underlying implementation. Fixes [1/2]: XQuartz/XQuartz#31 Signed-off-by: Jeremy Huddleston Sequoia <jeremyhu@apple.com>
The Render extension operates on PictFormats rather than GC, so it bypasses the rootless layer's GC-based alpha protection (ROOTLESS_PROTECT_ALPHA). Depth-24 windows use PICT_x8r8g8b8 where the 'x' tells pixman the high byte is padding it may freely zero. The macOS compositor needs this byte to be 0xFF (opaque). Before each Render operation that targets a rootless window, temporarily upgrade the destination Picture's format from PICT_x8r8g8b8 to PICT_a8r8g8b8. This tells pixman that the alpha channel is significant and must not be optimized away. The format is restored after the operation completes. This parallels how ROOTLESS_PROTECT_ALPHA handles GC operations (by masking alpha out of the planemask) and how ROOTLESS_SAFEALPHA handles PaintWindow (by forcing alpha in solid fills). The save/restore approach is analogous to rootlessGC.c's GC_SAVE / GC_RESTORE pattern. Fixes [2/2]: XQuartz/XQuartz#31 Signed-off-by: Jeremy Huddleston Sequoia <jeremyhu@apple.com>
metux
force-pushed
the
rfc/backport-25.0
branch
from
3131b2c to
2dde5db
Compare
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
15 participants
Add this suggestion to a batch that can be applied as a single commit.This suggestion is invalid because no changes were made to the code.Suggestions cannot be applied while the pull request is closed.Suggestions cannot be applied while viewing a subset of changes.Only one suggestion per line can be applied in a batch.Add this suggestion to a batch that can be applied as a single commit.Applying suggestions on deleted lines is not supported.You must change the existing code in this line in order to create a valid suggestion.Outdated suggestions cannot be applied.This suggestion has been applied or marked resolved.Suggestions cannot be applied from pending reviews.Suggestions cannot be applied on multi-line comments.Suggestions cannot be applied while the pull request is queued to merge.Suggestion cannot be applied right now. Please check back later.
Step 0 of upcoming semi-automatic backporting from Xorg's new 'main' branch.
original range: a9ee6b7..48bda9d
This queue probably still needs some more rework. Perhaps we should pick out interesting commits one by one.