Commit Graph

6436 Commits

Author SHA1 Message Date
matthieu
aceb52e119 Explicitely disable xdm-authorization-1 support in X server.
It was previously disabled by a broken test for XdmcpWrap() in xdm and
later in xenodm but it won't be missed. (use of DES, no IPv6 support).
ok tb@ mortimer@
2018-11-03 14:05:28 +00:00
matthieu
b129529692 regen 2018-11-03 14:01:21 +00:00
matthieu
e0d21cc9e4 Remove useless check for XdmcpWrap().
It was only needed by xdmcp. ok tb@ mortimer@
2018-11-03 14:01:02 +00:00
matthieu
f5d27d0af0 Fix path to app-default resource file. From Sascha Paunovic,
tweaked by me. ok deraadt@
2018-11-01 11:48:04 +00:00
jsg
52a0cb86e3 update 2018-11-01 08:33:21 +00:00
jsg
54d5c1463c sync 2018-11-01 08:31:23 +00:00
jsg
41f63e84e3 Merge libdrm 2.4.96 2018-11-01 08:29:47 +00:00
jsg
384954210f Import libdrm 2.4.96 2018-11-01 08:22:36 +00:00
jsg
f19a6c0440 Make similiar changes to the i386 tsd dispatch assembly as libglvnd to
avoid a text relocation fixing the build with lld.

ok kettenis@ naddy@
2018-10-31 23:26:16 +00:00
jsg
af38fe66ed regen 2018-10-29 11:38:31 +00:00
jsg
5f17afeed5 Don't attempt to rebuild spirv_info.c if timestamp on source files
changed as python won't be in path.

someone in this situation mentioned it to landry@
2018-10-29 11:35:23 +00:00
matthieu
f9024c4d46 Pass the correct buffer length to strlcpy() to avoid truncation.
Problem noticed by Edgar Pettijohn III, ok tb@
2018-10-28 19:38:19 +00:00
mestre
bb65f435ee Add a few \n I missed to add in some fprintf(3)s in my last commit 2018-10-26 17:37:47 +00:00
mestre
2288d216a5 If input_name is provided we can unveil(2) it with read permissions, if
output_name is provided we need to unveil(2) this one with rwc. Additionally
depending on the different combinations of if these files are passed via args
or from stdin/to stdout we can also pledge(2) accordingly to the code path.

OK deraadt@
2018-10-26 17:12:03 +00:00
deraadt
d9d5fc591a Disable setuid on the X server. We have always known it is a trash fire
and we held out hope too long.  This will break some stuff.  Let's start
with non-setuid as the baseline, and see if it is worth trying to fix
the broken parts in some other way.
2018-10-25 21:55:18 +00:00
matthieu
2d6e93a5b7 MFC: Disable -logfile and -modulepath when running with elevated
privileges.  This Could cause arbitrary files overwrite.
CVE-2018-14665.
2018-10-25 15:44:27 +00:00
mestre
e897f28b00 xserver's priv proc is responsible for opening devices in O_RDWR mode and send
their fds over to the parent proc. Knowing this then we already have a list of
all possible devices that might be opened in the future, in struct okdev
allowed_devices[], and we just need to traverse them and unveil(2) each one
with read/write permissions.

positive feedback from semarie@, OK matthieu@
2018-10-25 06:41:25 +00:00
jsg
45bb3d5b2d sync 2018-10-23 08:15:04 +00:00
jsg
0a79225c68 update 2018-10-23 06:46:39 +00:00
jsg
19f2c52c66 Merge Mesa 17.3.9
Mesa 18.x needs an ld with build-id for at least the intel code
Mesa 18.2 assumes linux only memfd syscalls in intel code

Tested by matthieu@, kettenis@ and myself on a variety of hardware and
architectures. ok kettenis@
2018-10-23 06:35:32 +00:00
jsg
587354b697 Import Mesa 17.3.9 2018-10-23 05:40:45 +00:00
matthieu
2c83b87d07 update 2018-10-20 19:26:12 +00:00
matthieu
5c831511f8 Update to libSM 1.2.3 2018-10-20 19:25:32 +00:00
matthieu
7070f339ed Update to libX11 1.6.7 2018-10-20 19:23:25 +00:00
matthieu
edd3ecfc7c Explicitely disable xf86misc 2018-10-20 19:09:19 +00:00
matthieu
792e7828ab update 2018-10-16 19:33:35 +00:00
matthieu
71dca55fd9 Update to libxcb 1.13.1, a small bug fix release.
ok naddy@
2018-10-04 20:17:48 +00:00
matthieu
4a94cb7b79 update 2018-09-30 08:58:33 +00:00
deraadt
f6e29c09b7 sync 2018-09-27 03:41:24 +00:00
deraadt
97f61bb6a9 sync 2018-09-18 13:30:35 +00:00
jsg
227a344eb5 update 2018-09-13 12:05:53 +00:00
jsg
e30e37f12c sync 2018-09-13 12:04:37 +00:00
jsg
d4accf8419 Merge libdrm 2.4.94 2018-09-13 12:02:27 +00:00
jsg
a81d3f52ae Import libdrm 2.4.94 2018-09-13 11:55:15 +00:00
matthieu
1bd966a0de update 2018-09-11 19:38:31 +00:00
matthieu
2c9ca21d14 sync 2018-09-11 19:35:55 +00:00
matthieu
bba3e9eeb5 Update to libxcb 1.13. ok tb@ 2018-09-11 19:34:56 +00:00
matthieu
cf8b8cfede Update to xcb-proto 1.13. ok tb@ 2018-09-11 19:31:11 +00:00
matthieu
f4445f7d08 Add an option to disable the active area. From Sebastien Marie.
ok claudio@ Thanks.
2018-09-06 07:21:34 +00:00
deraadt
5ee5cf05ca sync 2018-08-28 06:41:41 +00:00
kettenis
d5e3922245 Build radeon drivers on arm64.
ok jsg@, matthieu@
2018-08-27 15:04:15 +00:00
kettenis
cca6245e3f Build xf86-video-ati on arm64.
ok jsg@, matthieu@
2018-08-27 15:03:23 +00:00
matthieu
809bf3c6dd update 2018-08-23 20:44:11 +00:00
matthieu
c73330a68c sync 2018-08-23 20:42:57 +00:00
matthieu
b39f51f9a1 Udate to libX11 1.6.6. bug fixes release - no API/ABI changes. 2018-08-23 19:38:11 +00:00
kettenis
8869fa7f9c Initialize PCI subsystem on arm64.
ok matthieu@
2018-08-20 21:48:55 +00:00
matthieu
e3db5b957d update 2018-08-15 11:03:19 +00:00
matthieu
e28c499980 Use priv_open_device() to open the dri device in glamor_dri3_open_client().
Fixes DRI3 with Xserver running as _x11 with xenodm.
close-on-exec is now default for priv_open_device().
ok kettenis@
2018-08-06 20:14:04 +00:00
matthieu
d9aef29941 set MSG_CMSG_CLOEXEC when receiving file descriptors.
All file descriptors opened via priv_open_device() can benefit of
the close-on-exec flag.
ok kettenis@.
2018-08-06 20:11:34 +00:00
matthieu
857c4a5264 libXpresent depends on libXrandr. Noticed by naddy@. Thanks 2018-08-06 15:09:42 +00:00