Commit Graph

99 Commits

Author SHA1 Message Date
jcs
6b6f912425 revert local change which removed -retro flag and adjust -br to
properly override our default behavior of stippled root.

no objection from deraadt and kettenis
2020-06-12 14:45:55 +00:00
matthieu
ad9a065c46 Release unused filedescriptors in the privileged X server process.
There is no reason to keep /dev/pci* and /dev/ttyC* open in this process.
pointed to  by deraadt. ok kettenis@ deraadt@
2020-04-20 18:17:25 +00:00
matthieu
9064f8eee5 Update to xserver 1.20.8. ok jsg@ robert@ 2020-04-13 08:06:58 +00:00
matthieu
40d42722f6 Update to xserver 1.20.7 plus 2 extra fixes from upstream. ok jsg@ 2020-01-26 13:48:54 +00:00
matthieu
9a532c5475 Update to X server 1.20.6. Tested by naddy@ 2019-12-12 06:05:17 +00:00
matthieu
a77e9959f3 Update to xserver 1.20.5. Tested by jsg@ 2019-07-27 07:57:06 +00:00
jcs
fa30b33449 when probing for wsmouse devices, check up to wsmouse9
ok deraadt
2019-06-11 14:51:34 +00:00
matthieu
e7e87a2ccb Update to xserver 1.19.7. Tested by jca@ and stsp@. 2019-03-19 21:19:54 +00:00
mestre
e897f28b00 xserver's priv proc is responsible for opening devices in O_RDWR mode and send
their fds over to the parent proc. Knowing this then we already have a list of
all possible devices that might be opened in the future, in struct okdev
allowed_devices[], and we just need to traverse them and unveil(2) each one
with read/write permissions.

positive feedback from semarie@, OK matthieu@
2018-10-25 06:41:25 +00:00
matthieu
d9aef29941 set MSG_CMSG_CLOEXEC when receiving file descriptors.
All file descriptors opened via priv_open_device() can benefit of
the close-on-exec flag.
ok kettenis@.
2018-08-06 20:11:34 +00:00
matthieu
857585fc69 Update to xserver 1.19.6. bug fix release 2018-02-18 17:16:37 +00:00
matthieu
1a66cad3fb Update to xserver 1.19.5.
Tested by bru@, jsg@ and others
2017-12-08 15:01:59 +00:00
matthieu
fe08a081d8 MFC: os: Make sure big requests have sufficient length.
A client can send a big request where the 32B "length" field has value
0. When the big request header is removed and the length corrected,
the value will underflow to 0xFFFFFFFF.  Functions processing the
request later will think that the client sent much more data and may
touch memory beyond the receive buffer.
2017-10-14 09:17:40 +00:00
matthieu
2666ed3f9e Fix arc4random_buf(3) detection. Noticed by Eric Engestrom on
the xorg-devel list. Thanks
2017-03-01 19:22:36 +00:00
matthieu
da8f098a38 Oops, in previous commit I forgot to remove the actual implementation
of the unused *ToID functions(). Spotted by Adam Jackson on xorg-devel
list.  Thanks.
2017-02-28 23:05:46 +00:00
matthieu
5d64bd18eb regen 2017-02-28 18:33:44 +00:00
matthieu
e087a236fc auth: remove AuthToIDFunc and associated functions. Not used anymore.
And the current code for MitToId has a use-after-free() issue.
Advisory X41-2017-001: Multiple Vulnerabilities in X.Org
2017-02-28 18:32:53 +00:00
matthieu
eb3d247766 MFC: Use arc4random_buf(3) if available to generate cookies.
Advisory X41-2017-001: Multiple Vulnerabilities in X.Org.
2017-02-28 18:27:40 +00:00
matthieu
9ddca5b541 MFC: Use timingsafe_memcmp() to compare MIT-MAGIC-COOKIES
Advisory X41-2017-001: Multiple Vulnerabilities in X.Org.
2017-02-28 18:24:48 +00:00
matthieu
fd18c20e72 regen 2016-10-11 22:14:30 +00:00
matthieu
6e1bcfb3c6 Update to xserver 1.18.4
tested by krw@ and dcoppa@ ok dcoppa@
2016-08-09 18:59:50 +00:00
matthieu
e927c03e30 Update to xserver 1.18.3. Tested by shadchin@ and naddy@.
Note that indirect GLX is now disbled by default.
2016-05-29 12:02:34 +00:00
matthieu
f7d98a310c pledge(2) for the X server privileged process. ok deraadt@ 2015-11-11 21:07:49 +00:00
matthieu
4c6a4e1e00 Update to xserver 1.17.4.
tested by naddy@
2015-11-07 16:48:51 +00:00
matthieu
86ea9f12e2 Update to xserver 1.17.2. tested by dcoppa@, jsg@, jasper@ & naddy@ 2015-09-16 19:10:19 +00:00
matthieu
3e477e765c Merge from upstream: Don't listen to 'tcp' by default. Add '-listen' option.
commit cc59be38b7eff52a1d003b390f2994c73ee0b3e9
Author: Keith Packard <keithp@keithp.com>
Date:   Fri Sep 12 11:33:48 2014 -0700

    os: Don't listen to 'tcp' by default. Add '-listen' option. [v2]

    This disables the tcp listen socket by default. Then, it
    uses a new xtrans interface, TRANS(Listen), to provide a command line
    option to re-enable those if desired.

    v2: Leave unix socket enabled by default. Add configure options.

    Signed-off-by: Keith Packard <keithp@keithp.com>
    Reviewed-by: Hans de Goede <hdegoede@redhat.com>
2015-06-20 10:03:56 +00:00
matthieu
5b19f6d757 Update to xserver 1.16.4.
Contains fix for CVE-2015-0255. ok dcoppa@
2015-02-11 20:58:46 +00:00
matthieu
7db4642f69 Update to xorg-server 1.16.3.
Most of the 1.16.2->1.16.3 changes are the security patches that
where already there. This adds some extra fixes plus a few unrelated
bug fixes.
2014-12-21 11:41:44 +00:00
matthieu
797ed93386 Protocol handling issues in X Window System servers
One year after Ilja van Sprundel, discovered and reported a large number
of issues in the way the X server code base handles requests from X clients,
they have been fixed.
2014-12-09 17:58:52 +00:00
matthieu
d1b6c6dea7 No more /dev/agp0 2014-10-18 14:39:40 +00:00
matthieu
64609bb78a white space diff redux 2014-09-28 10:01:52 +00:00
matthieu
4f58590a42 Update to xserver 1.16.1.
Tested by naddy@, jsg@ & kettenis@
2014-09-27 17:52:59 +00:00
matthieu
3bbfe7b179 Update to xserver 1.15.1.
Tested by at least ajacoutot@, dcoppa@ & jasper@
2014-05-02 19:27:46 +00:00
matthieu
511a911dd8 Update to xserver 1.14.4 2013-12-08 10:53:01 +00:00
matthieu
577763cda7 Uodate to xserver 1.14.2. Tested by krw@, shadchin@, todd@ 2013-08-24 19:44:25 +00:00
kettenis
a9e4debd4a Handle more /dev/drmN devices.
ok matthieu@, jsg@
2013-08-13 18:14:31 +00:00
matthieu
adec87cf5d Update to X server 1.14.1. Tested by many during t2k13. Thanks. 2013-06-07 17:28:45 +00:00
matthieu
e26a212fd0 Regen autotools build system with a clean environment.
It was previously generated with a config pointing to OpenBSD's libtool
which is not ready yet.
2012-10-27 14:52:25 +00:00
matthieu
58d9658ddc regen 2012-10-14 08:59:33 +00:00
matthieu
1c882161e8 In priv_open_device() allow opening tty[E-J]0. While there remove
ttyD[1-7] from the list, since those devices will never get used by X.
2012-08-14 15:57:57 +00:00
matthieu
1996326d50 Fix a logic introducred in rev 1.23. The parent pid is initialized
by the main X server too late in the privsep case (already in the
unpriviliged child). So keep the early init for this case.
2012-08-12 14:06:42 +00:00
matthieu
5f8132e311 Add privsep prototypes to osdep.h 2012-08-07 20:16:12 +00:00
matthieu
c7c0180b4c In non-privilege sepration mode, avoid accidentally sending
a SIGUSR1 signal to init(8).

It can happen that xdm dies before the X server that it started.
In that case X's is reparented by init...

This is handled correctly when privilege separation is not compiled
but got overlooked in the privilege separation case.
2012-08-07 20:15:23 +00:00
matthieu
4f2bf5df6d Rename 'socket' parameter to avoid shadowing the global declaration. 2012-08-07 20:13:18 +00:00
matthieu
eb59960f12 regen autotools 2012-08-05 18:14:29 +00:00
matthieu
e60da74507 Update to xserver 1.12.2. tested by naddy@, krw@, mpi@. 2012-06-10 13:21:05 +00:00
matthieu
b4a75b3e96 Return an error much earlier if recvmsg fails. 2012-04-04 20:34:55 +00:00
matthieu
9576ef223d Update to xserver 1.11.4. tested by krw@, shadchin@. 2012-01-31 07:52:35 +00:00
matthieu
4344ac3914 Bugfix Update to xserver 1.11.3 2011-12-18 16:08:59 +00:00
matthieu
61a7d5427d Update to xserver 1.11.2 2011-11-05 13:32:40 +00:00