qbit/xenocara
1
0
Fork 0
Code Issues Pull Requests Releases Wiki Activity

- remove stuff that we don't want from drmOpenDevice()

Browse Source 
- prepare for privilege separation support.
ok oga@.
This commit is contained in:
matthieu 2008-02-12 21:27:14 +00:00
parent b139abf7aa
commit e3881499cc
7 changed files with 107 additions and 78 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

2
lib/libdrm/Makefile.in
View File

@ -157,6 +157,8 @@ SET_MAKE = @SET_MAKE@
SHELL = @SHELL@
STRIP = @STRIP@
VERSION = @VERSION@
X_PRIVSEP_FALSE = @X_PRIVSEP_FALSE@
X_PRIVSEP_TRUE = @X_PRIVSEP_TRUE@
ac_ct_AR = @ac_ct_AR@
ac_ct_CC = @ac_ct_CC@
ac_ct_CXX = @ac_ct_CXX@

86
lib/libdrm/configure vendored
View File

@ -465,7 +465,7 @@ ac_includes_default="\
# include <unistd.h>
#endif"
ac_subst_vars='SHELL PATH_SEPARATOR PACKAGE_NAME PACKAGE_TARNAME PACKAGE_VERSION PACKAGE_STRING PACKAGE_BUGREPORT exec_prefix prefix program_transform_name bindir sbindir libexecdir datadir sysconfdir sharedstatedir localstatedir libdir includedir oldincludedir infodir mandir build_alias host_alias target_alias DEFS ECHO_C ECHO_N ECHO_T LIBS INSTALL_PROGRAM INSTALL_SCRIPT INSTALL_DATA CYGPATH_W PACKAGE VERSION ACLOCAL AUTOCONF AUTOMAKE AUTOHEADER MAKEINFO install_sh STRIP ac_ct_STRIP INSTALL_STRIP_PROGRAM mkdir_p AWK SET_MAKE am__leading_dot AMTAR am__tar am__untar build build_cpu build_vendor build_os host host_cpu host_vendor host_os CC CFLAGS LDFLAGS CPPFLAGS ac_ct_CC EXEEXT OBJEXT DEPDIR am__include am__quote AMDEP_TRUE AMDEP_FALSE AMDEPBACKSLASH CCDEPMODE am__fastdepCC_TRUE am__fastdepCC_FALSE EGREP LN_S ECHO AR ac_ct_AR RANLIB ac_ct_RANLIB CPP CXX CXXFLAGS ac_ct_CXX CXXDEPMODE am__fastdepCXX_TRUE am__fastdepCXX_FALSE CXXCPP F77 FFLAGS ac_ct_F77 LIBTOOL pkgconfigdir LIBOBJS LTLIBOBJS'
ac_subst_vars='SHELL PATH_SEPARATOR PACKAGE_NAME PACKAGE_TARNAME PACKAGE_VERSION PACKAGE_STRING PACKAGE_BUGREPORT exec_prefix prefix program_transform_name bindir sbindir libexecdir datadir sysconfdir sharedstatedir localstatedir libdir includedir oldincludedir infodir mandir build_alias host_alias target_alias DEFS ECHO_C ECHO_N ECHO_T LIBS INSTALL_PROGRAM INSTALL_SCRIPT INSTALL_DATA CYGPATH_W PACKAGE VERSION ACLOCAL AUTOCONF AUTOMAKE AUTOHEADER MAKEINFO install_sh STRIP ac_ct_STRIP INSTALL_STRIP_PROGRAM mkdir_p AWK SET_MAKE am__leading_dot AMTAR am__tar am__untar build build_cpu build_vendor build_os host host_cpu host_vendor host_os CC CFLAGS LDFLAGS CPPFLAGS ac_ct_CC EXEEXT OBJEXT DEPDIR am__include am__quote AMDEP_TRUE AMDEP_FALSE AMDEPBACKSLASH CCDEPMODE am__fastdepCC_TRUE am__fastdepCC_FALSE EGREP LN_S ECHO AR ac_ct_AR RANLIB ac_ct_RANLIB CPP CXX CXXFLAGS ac_ct_CXX CXXDEPMODE am__fastdepCXX_TRUE am__fastdepCXX_FALSE CXXCPP F77 FFLAGS ac_ct_F77 LIBTOOL X_PRIVSEP_TRUE X_PRIVSEP_FALSE pkgconfigdir LIBOBJS LTLIBOBJS'
ac_subst_files=''
# Initialize some variables set by options.
@ -1037,6 +1037,8 @@ Optional Features:
--enable-dependency-tracking do not reject slow dependency extractors
--disable-libtool-lock avoid locking (might break parallel builds)
--disable-largefile omit support for large files
--enable-privsep Build support for X server privilege separation
(default is NO)
Optional Packages:
--with-PACKAGE[=ARG] use PACKAGE [ARG=yes]
@ -3677,7 +3679,7 @@ ia64-*-hpux*)
;;
*-*-irix6*)
# Find out which ABI we are using.
echo '#line 3680 "configure"' > conftest.$ac_ext
echo '#line 3682 "configure"' > conftest.$ac_ext
if { (eval echo "$as_me:$LINENO: \"$ac_compile\"") >&5
(eval $ac_compile) 2>&5
ac_status=$?
@ -5276,7 +5278,7 @@ fi
# Provide some information about the compiler.
echo "$as_me:5279:" \
echo "$as_me:5281:" \
"checking for Fortran 77 compiler version" >&5
ac_compiler=`set X $ac_compile; echo $2`
{ (eval echo "$as_me:$LINENO: \"$ac_compiler --version </dev/null >&5\"") >&5
@ -6339,11 +6341,11 @@ else
-e 's:.*FLAGS}\{0,1\} :&$lt_compiler_flag :; t' \
-e 's: [^ ]*conftest\.: $lt_compiler_flag&:; t' \
-e 's:$: $lt_compiler_flag:'`
(eval echo "\"\$as_me:6342: $lt_compile\"" >&5)
(eval echo "\"\$as_me:6344: $lt_compile\"" >&5)
(eval "$lt_compile" 2>conftest.err)
ac_status=$?
cat conftest.err >&5
echo "$as_me:6346: \$? = $ac_status" >&5
echo "$as_me:6348: \$? = $ac_status" >&5
if (exit $ac_status) && test -s "$ac_outfile"; then
# The compiler can only warn and ignore the option if not recognized
# So say no if there are warnings other than the usual output.
@ -6607,11 +6609,11 @@ else
-e 's:.*FLAGS}\{0,1\} :&$lt_compiler_flag :; t' \
-e 's: [^ ]*conftest\.: $lt_compiler_flag&:; t' \
-e 's:$: $lt_compiler_flag:'`
(eval echo "\"\$as_me:6610: $lt_compile\"" >&5)
(eval echo "\"\$as_me:6612: $lt_compile\"" >&5)
(eval "$lt_compile" 2>conftest.err)
ac_status=$?
cat conftest.err >&5
echo "$as_me:6614: \$? = $ac_status" >&5
echo "$as_me:6616: \$? = $ac_status" >&5
if (exit $ac_status) && test -s "$ac_outfile"; then
# The compiler can only warn and ignore the option if not recognized
# So say no if there are warnings other than the usual output.
@ -6711,11 +6713,11 @@ else
-e 's:.*FLAGS}\{0,1\} :&$lt_compiler_flag :; t' \
-e 's: [^ ]*conftest\.: $lt_compiler_flag&:; t' \
-e 's:$: $lt_compiler_flag:'`
(eval echo "\"\$as_me:6714: $lt_compile\"" >&5)
(eval echo "\"\$as_me:6716: $lt_compile\"" >&5)
(eval "$lt_compile" 2>out/conftest.err)
ac_status=$?
cat out/conftest.err >&5
echo "$as_me:6718: \$? = $ac_status" >&5
echo "$as_me:6720: \$? = $ac_status" >&5
if (exit $ac_status) && test -s out/conftest2.$ac_objext
then
# The compiler can only warn and ignore the option if not recognized
@ -9060,7 +9062,7 @@ else
lt_dlunknown=0; lt_dlno_uscore=1; lt_dlneed_uscore=2
lt_status=$lt_dlunknown
cat > conftest.$ac_ext <<EOF
#line 9063 "configure"
#line 9065 "configure"
#include "confdefs.h"
#if HAVE_DLFCN_H
@ -9160,7 +9162,7 @@ else
lt_dlunknown=0; lt_dlno_uscore=1; lt_dlneed_uscore=2
lt_status=$lt_dlunknown
cat > conftest.$ac_ext <<EOF
#line 9163 "configure"
#line 9165 "configure"
#include "confdefs.h"
#if HAVE_DLFCN_H
@ -11504,11 +11506,11 @@ else
-e 's:.*FLAGS}\{0,1\} :&$lt_compiler_flag :; t' \
-e 's: [^ ]*conftest\.: $lt_compiler_flag&:; t' \
-e 's:$: $lt_compiler_flag:'`
(eval echo "\"\$as_me:11507: $lt_compile\"" >&5)
(eval echo "\"\$as_me:11509: $lt_compile\"" >&5)
(eval "$lt_compile" 2>conftest.err)
ac_status=$?
cat conftest.err >&5
echo "$as_me:11511: \$? = $ac_status" >&5
echo "$as_me:11513: \$? = $ac_status" >&5
if (exit $ac_status) && test -s "$ac_outfile"; then
# The compiler can only warn and ignore the option if not recognized
# So say no if there are warnings other than the usual output.
@ -11608,11 +11610,11 @@ else
-e 's:.*FLAGS}\{0,1\} :&$lt_compiler_flag :; t' \
-e 's: [^ ]*conftest\.: $lt_compiler_flag&:; t' \
-e 's:$: $lt_compiler_flag:'`
(eval echo "\"\$as_me:11611: $lt_compile\"" >&5)
(eval echo "\"\$as_me:11613: $lt_compile\"" >&5)
(eval "$lt_compile" 2>out/conftest.err)
ac_status=$?
cat out/conftest.err >&5
echo "$as_me:11615: \$? = $ac_status" >&5
echo "$as_me:11617: \$? = $ac_status" >&5
if (exit $ac_status) && test -s out/conftest2.$ac_objext
then
# The compiler can only warn and ignore the option if not recognized
@ -13178,11 +13180,11 @@ else
-e 's:.*FLAGS}\{0,1\} :&$lt_compiler_flag :; t' \
-e 's: [^ ]*conftest\.: $lt_compiler_flag&:; t' \
-e 's:$: $lt_compiler_flag:'`
(eval echo "\"\$as_me:13181: $lt_compile\"" >&5)
(eval echo "\"\$as_me:13183: $lt_compile\"" >&5)
(eval "$lt_compile" 2>conftest.err)
ac_status=$?
cat conftest.err >&5
echo "$as_me:13185: \$? = $ac_status" >&5
echo "$as_me:13187: \$? = $ac_status" >&5
if (exit $ac_status) && test -s "$ac_outfile"; then
# The compiler can only warn and ignore the option if not recognized
# So say no if there are warnings other than the usual output.
@ -13282,11 +13284,11 @@ else
-e 's:.*FLAGS}\{0,1\} :&$lt_compiler_flag :; t' \
-e 's: [^ ]*conftest\.: $lt_compiler_flag&:; t' \
-e 's:$: $lt_compiler_flag:'`
(eval echo "\"\$as_me:13285: $lt_compile\"" >&5)
(eval echo "\"\$as_me:13287: $lt_compile\"" >&5)
(eval "$lt_compile" 2>out/conftest.err)
ac_status=$?
cat out/conftest.err >&5
echo "$as_me:13289: \$? = $ac_status" >&5
echo "$as_me:13291: \$? = $ac_status" >&5
if (exit $ac_status) && test -s out/conftest2.$ac_objext
then
# The compiler can only warn and ignore the option if not recognized
@ -15489,11 +15491,11 @@ else
-e 's:.*FLAGS}\{0,1\} :&$lt_compiler_flag :; t' \
-e 's: [^ ]*conftest\.: $lt_compiler_flag&:; t' \
-e 's:$: $lt_compiler_flag:'`
(eval echo "\"\$as_me:15492: $lt_compile\"" >&5)
(eval echo "\"\$as_me:15494: $lt_compile\"" >&5)
(eval "$lt_compile" 2>conftest.err)
ac_status=$?
cat conftest.err >&5
echo "$as_me:15496: \$? = $ac_status" >&5
echo "$as_me:15498: \$? = $ac_status" >&5
if (exit $ac_status) && test -s "$ac_outfile"; then
# The compiler can only warn and ignore the option if not recognized
# So say no if there are warnings other than the usual output.
@ -15757,11 +15759,11 @@ else
-e 's:.*FLAGS}\{0,1\} :&$lt_compiler_flag :; t' \
-e 's: [^ ]*conftest\.: $lt_compiler_flag&:; t' \
-e 's:$: $lt_compiler_flag:'`
(eval echo "\"\$as_me:15760: $lt_compile\"" >&5)
(eval echo "\"\$as_me:15762: $lt_compile\"" >&5)
(eval "$lt_compile" 2>conftest.err)
ac_status=$?
cat conftest.err >&5
echo "$as_me:15764: \$? = $ac_status" >&5
echo "$as_me:15766: \$? = $ac_status" >&5
if (exit $ac_status) && test -s "$ac_outfile"; then
# The compiler can only warn and ignore the option if not recognized
# So say no if there are warnings other than the usual output.
@ -15861,11 +15863,11 @@ else
-e 's:.*FLAGS}\{0,1\} :&$lt_compiler_flag :; t' \
-e 's: [^ ]*conftest\.: $lt_compiler_flag&:; t' \
-e 's:$: $lt_compiler_flag:'`
(eval echo "\"\$as_me:15864: $lt_compile\"" >&5)
(eval echo "\"\$as_me:15866: $lt_compile\"" >&5)
(eval "$lt_compile" 2>out/conftest.err)
ac_status=$?
cat out/conftest.err >&5
echo "$as_me:15868: \$? = $ac_status" >&5
echo "$as_me:15870: \$? = $ac_status" >&5
if (exit $ac_status) && test -s out/conftest2.$ac_objext
then
# The compiler can only warn and ignore the option if not recognized
@ -19902,6 +19904,31 @@ rm -f conftest*
fi
# Check whether --enable-privsep or --disable-privsep was given.
if test "${enable_privsep+set}" = set; then
enableval="$enable_privsep"
ENABLE_PRIVSEP="$enableval"
else
ENABLE_PRIVSEP="no"
fi;
if test x$ENABLE_PRIVSEP = xyes ; then
cat >>confdefs.h <<\_ACEOF
#define X_PRIVSEP 1
_ACEOF
fi
if test x$ENABLE_PRIVSEP = xyes; then
X_PRIVSEP_TRUE=
X_PRIVSEP_FALSE='#'
else
X_PRIVSEP_TRUE='#'
X_PRIVSEP_FALSE=
fi
pkgconfigdir=${libdir}/pkgconfig
@ -20025,6 +20052,13 @@ echo "$as_me: error: conditional \"am__fastdepCC\" was never defined.
Usually this means the macro was only invoked conditionally." >&2;}
{ (exit 1); exit 1; }; }
fi
if test -z "${X_PRIVSEP_TRUE}" && test -z "${X_PRIVSEP_FALSE}"; then
{ { echo "$as_me:$LINENO: error: conditional \"X_PRIVSEP\" was never defined.
Usually this means the macro was only invoked conditionally." >&5
echo "$as_me: error: conditional \"X_PRIVSEP\" was never defined.
Usually this means the macro was only invoked conditionally." >&2;}
{ (exit 1); exit 1; }; }
fi
: ${CONFIG_STATUS=./config.status}
ac_clean_files_save=$ac_clean_files
@ -20625,6 +20659,8 @@ s,@F77@,$F77,;t t
s,@FFLAGS@,$FFLAGS,;t t
s,@ac_ct_F77@,$ac_ct_F77,;t t
s,@LIBTOOL@,$LIBTOOL,;t t
s,@X_PRIVSEP_TRUE@,$X_PRIVSEP_TRUE,;t t
s,@X_PRIVSEP_FALSE@,$X_PRIVSEP_FALSE,;t t
s,@pkgconfigdir@,$pkgconfigdir,;t t
s,@LIBOBJS@,$LIBOBJS,;t t
s,@LTLIBOBJS@,$LTLIBOBJS,;t t

10
lib/libdrm/configure.ac
View File

@ -32,6 +32,16 @@ AC_PROG_CC
AC_HEADER_STDC
AC_SYS_LARGEFILE
dnl Privsep
AC_ARG_ENABLE(privsep,
AC_HELP_STRING([--enable-privsep],
[Build support for X server privilege separation (default is NO)]),
[ENABLE_PRIVSEP="$enableval"], [ENABLE_PRIVSEP="no"])
if test x$ENABLE_PRIVSEP = xyes ; then
AC_DEFINE(X_PRIVSEP, 1, [Use X server privilege separation])
fi
AM_CONDITIONAL(X_PRIVSEP, [test x$ENABLE_PRIVSEP = xyes])
pkgconfigdir=${libdir}/pkgconfig
AC_SUBST(pkgconfigdir)

2
lib/libdrm/libdrm/Makefile.in
View File

@ -152,6 +152,8 @@ SET_MAKE = @SET_MAKE@
SHELL = @SHELL@
STRIP = @STRIP@
VERSION = @VERSION@
X_PRIVSEP_FALSE = @X_PRIVSEP_FALSE@
X_PRIVSEP_TRUE = @X_PRIVSEP_TRUE@
ac_ct_AR = @ac_ct_AR@
ac_ct_CC = @ac_ct_CC@
ac_ct_CXX = @ac_ct_CXX@

3
lib/libdrm/libdrm/config.h.in
View File

@ -54,6 +54,9 @@
/* Version number of package */
#undef VERSION
/* Use X server privilege separation */
#undef X_PRIVSEP
/* Number of bits in a file offset, on hosts where this is settable. */
#undef _FILE_OFFSET_BITS

80
lib/libdrm/libdrm/xf86drm.c
View File

@ -71,7 +71,7 @@
#endif
# ifdef __OpenBSD__
# define DRM_MAJOR 81
# define DRM_MAJOR 88
# endif
#ifndef DRM_MAJOR
@ -268,61 +268,17 @@ static int drmMatchBusID(const char *id1, const char *id2)
*/
static int drmOpenDevice(long dev, int minor)
{
stat_t st;
char buf[64];
int fd;
mode_t devmode = DRM_DEV_MODE, serv_mode;
int isroot = !geteuid();
uid_t user = DRM_DEV_UID;
gid_t group = DRM_DEV_GID, serv_group;
sprintf(buf, DRM_DEV_NAME, DRM_DIR_NAME, minor);
snprintf(buf, sizeof(buf), DRM_DEV_NAME, DRM_DIR_NAME, minor);
drmMsg("drmOpenDevice: node name is %s\n", buf);
if (drm_server_info) {
drm_server_info->get_perms(&serv_group, &serv_mode);
devmode = serv_mode ? serv_mode : DRM_DEV_MODE;
devmode &= ~(S_IXUSR|S_IXGRP|S_IXOTH);
group = (serv_group >= 0) ? serv_group : DRM_DEV_GID;
}
if (stat(DRM_DIR_NAME, &st)) {
if (!isroot) return DRM_ERR_NOT_ROOT;
mkdir(DRM_DIR_NAME, DRM_DEV_DIRMODE);
chown(DRM_DIR_NAME, 0, 0); /* root:root */
chmod(DRM_DIR_NAME, DRM_DEV_DIRMODE);
}
/* Check if the device node exists and create it if necessary. */
if (stat(buf, &st)) {
if (!isroot) return DRM_ERR_NOT_ROOT;
remove(buf);
mknod(buf, S_IFCHR | devmode, dev);
}
if (drm_server_info) {
chown(buf, user, group);
chmod(buf, devmode);
}
fd = open(buf, O_RDWR, 0);
drmMsg("drmOpenDevice: open result is %d, (%s)\n",
fd, fd < 0 ? strerror(errno) : "OK");
if (fd >= 0) return fd;
/* Check if the device node is not what we expect it to be, and recreate it
* and try again if so.
*/
if (st.st_rdev != dev) {
if (!isroot) return DRM_ERR_NOT_ROOT;
remove(buf);
mknod(buf, S_IFCHR | devmode, dev);
if (drm_server_info) {
chown(buf, user, group);
chmod(buf, devmode);
}
}
#ifndef X_PRIVSEP
fd = open(buf, O_RDWR, 0);
#else
fd = priv_open_device(buf);
#endif
drmMsg("drmOpenDevice: open result is %d, (%s)\n",
fd, fd < 0 ? strerror(errno) : "OK");
if (fd >= 0) return fd;
@ -352,8 +308,13 @@ static int drmOpenMinor(int minor, int create)
if (create) return drmOpenDevice(makedev(DRM_MAJOR, minor), minor);
sprintf(buf, DRM_DEV_NAME, DRM_DIR_NAME, minor);
if ((fd = open(buf, O_RDWR, 0)) >= 0) return fd;
snprintf(buf, sizeof(buf), DRM_DEV_NAME, DRM_DIR_NAME, minor);
#ifndef X_PRIVSEP
fd = open(buf, O_RDWR, 0);
#else
fd = priv_open_device(buf);
#endif
if (fd >= 0) return fd;
return -errno;
}
@ -379,6 +340,7 @@ int drmAvailable(void)
/* Try proc for backward Linux compatibility */
if (!access("/proc/dri/0", R_OK)) return 1;
#endif
drmMsg("drmAvailable: no\n");
return 0;
}
@ -387,7 +349,7 @@ int drmAvailable(void)
drmFreeVersion(version);
}
close(fd);
drmMsg("drmAvailable: %d\n", retval);
return retval;
}
@ -3276,3 +3238,15 @@ void drmCloseOnce(int fd)
}
}
}
#ifdef X_PRIVSEP
static int
_priv_open_device(const char *path)
{
drmMsg("_priv_open_device\n");
return open(path, O_RDWR, 0);
}
int priv_open_device(const char *)
__attribute__((weak, alias ("_priv_open_device")));
#endif

2
lib/libdrm/shared-core/Makefile.in
View File

@ -137,6 +137,8 @@ SET_MAKE = @SET_MAKE@
SHELL = @SHELL@
STRIP = @STRIP@
VERSION = @VERSION@
X_PRIVSEP_FALSE = @X_PRIVSEP_FALSE@
X_PRIVSEP_TRUE = @X_PRIVSEP_TRUE@
ac_ct_AR = @ac_ct_AR@
ac_ct_CC = @ac_ct_CC@
ac_ct_CXX = @ac_ct_CXX@