IABSD.fr/xenocara/xserver
Branch :
Log
| Author | Commit | Date | CI | Message |
|---|---|---|---|---|
 |
0a2f4bc7 | 2020-07-31 14:00:21 | fix for X Server Pixel Data Uninitialized Memory Information Disclosure CVE-2020-14347 This vulnerability was discovered and reported to X.Org by Jan-Niklas Sohn working with Trend Micro Zero Day Initiative. | |
|
60964e1b | 2020-06-14 16:02:38 | sync white space with upstream. No code change. | |
 |
6b6f9124 | 2020-06-12 14:45:55 | revert local change which removed -retro flag and adjust -br to properly override our default behavior of stippled root. no objection from deraadt and kettenis | |
|
ad9a065c | 2020-04-20 18:17:25 | Release unused filedescriptors in the privileged X server process. There is no reason to keep /dev/pci* and /dev/ttyC* open in this process. pointed to by deraadt. ok kettenis@ deraadt@ | |
|
806accb3 | 2020-04-18 09:41:18 | Remove unused files. | |
|
ac0e12b4 | 2020-04-14 17:29:21 | dix: do not send focus event when grab actually does not change upstream commit 364d64981549544213e2bca8de6ff8a5b2b5a69e Fixes an issue in xserver 1.20 where some applications were loosing focus. Naddy@ reported it appeards in SDL 1.2 games (burgerspace). tested and ok naddy@ | |
|
9064f8ee | 2020-04-13 08:06:58 | Update to xserver 1.20.8. ok jsg@ robert@ | |
 |
fb24e5a8 | 2020-03-04 21:07:12 | Use modesetting driver as the default for rkdrm(4). ok patrick@, jsg@ | |
|
40d42722 | 2020-01-26 13:48:54 | Update to xserver 1.20.7 plus 2 extra fixes from upstream. ok jsg@ | |
|
9a532c54 | 2019-12-12 06:05:17 | Update to X server 1.20.6. Tested by naddy@ | |
|
35220e47 | 2019-09-15 12:31:08 | Add modesetting driver as a fall-back when appropriate such that we can use it when running withour root privileges which prevents us from scanning the PCI bus. This makes startx(1)/xinit(1) work again on modern systems with inteldrm(4), radeondrm(4) and amdgpu(4). In some cases this will result in using a different driver than with xenodm(4) which may expose issues (e.g. when we prefer the intel Xorg driver) or loss of acceleration (e.g. older cards supported by radeondrm(4)). ok jsg@, matthieu@ | |
 |
5e779230 | 2019-08-24 01:20:16 | sync i965 pci ids with xserver git master ok matthieu@ | |
|
38e2fafc | 2019-08-24 01:15:31 | remove duplicate ids added by patch in xserver 1.20.5 update ok matthieu@ | |
|
1e4dc55a | 2019-08-15 14:48:45 | Don't prune duplicate modes there. This function removes too many modes, causing trouble with the vesa driver at least. Problem reported by semarie@. Thanks. | |
|
d719f7f3 | 2019-08-03 17:19:54 | Remove one more file that is no longer part of upstream tarballs. Missed in previous commit. | |
|
95df71af | 2019-08-03 16:56:01 | Remove files that are no longer part of upstream tarballs. They accumulated over releases for various reasons. No build change. | |
|
a77e9959 | 2019-07-27 07:57:06 | Update to xserver 1.20.5. Tested by jsg@ | |
|
fa30b334 | 2019-06-11 14:51:34 | when probing for wsmouse devices, check up to wsmouse9 ok deraadt | |
 |
0f8d0b1f | 2019-05-11 16:30:32 | Enable colemak OK matthieu@ | |
|
4fd0ec7f | 2019-04-28 03:12:53 | Backport cf7517675d988c2d1ff967d6d162a17acbdad46 from xserver 1.20 xfree86: Hold input_lock across SPRITE functions in VGA arbiter Fixes stack overflow crash with VGA arbiter used with multi GPU systems. Report and fix identified by 'Joe M' on misc@. ok matthieu@ | |
 |
63a1f613 | 2019-04-06 13:51:18 | When checking keyboard variants, perform a stricter comparison. This prevents kbd(8) layouts with particular bitmasks from being wrongly detected as French. Broken behavior reported by Diogo Galvao; thanks! ok mpi@ matthieu@ | |
|
e7e87a2c | 2019-03-19 21:19:54 | Update to xserver 1.19.7. Tested by jca@ and stsp@. | |
|
c4230992 | 2019-02-18 02:41:24 | sync xserver dri2 pci_ids with the latest Mesa the modesetting driver uses these to pick a dri driver name ok phessler@ kettenis@ matthieu@ | |
|
5a9c7d77 | 2019-01-03 19:31:25 | Call xf86OpenConsole() before probing for drivers. On OpenBSD, we need the console fd to query wsdisplay type, This was only causing problems with -keepPriv, since the privilege separation code already calls xf86OpenConsole() earlier. The function is idempotent, so there's no harm calling it several times. ok kettenis@ | |
|
aceb52e1 | 2018-11-03 14:05:28 | Explicitely disable xdm-authorization-1 support in X server. It was previously disabled by a broken test for XdmcpWrap() in xdm and later in xenodm but it won't be missed. (use of DES, no IPv6 support). ok tb@ mortimer@ | |
 |
d9d5fc59 | 2018-10-25 21:55:18 | Disable setuid on the X server. We have always known it is a trash fire and we held out hope too long. This will break some stuff. Let's start with non-setuid as the baseline, and see if it is worth trying to fix the broken parts in some other way. | |
|
2d6e93a5 | 2018-10-25 15:44:27 | MFC: Disable -logfile and -modulepath when running with elevated privileges. This Could cause arbitrary files overwrite. CVE-2018-14665. | |
 |
e897f28b | 2018-10-25 06:41:25 | xserver's priv proc is responsible for opening devices in O_RDWR mode and send their fds over to the parent proc. Knowing this then we already have a list of all possible devices that might be opened in the future, in struct okdev allowed_devices[], and we just need to traverse them and unveil(2) each one with read/write permissions. positive feedback from semarie@, OK matthieu@ | |
|
8869fa7f | 2018-08-20 21:48:55 | Initialize PCI subsystem on arm64. ok matthieu@ | |
|
e28c4999 | 2018-08-06 20:14:04 | Use priv_open_device() to open the dri device in glamor_dri3_open_client(). Fixes DRI3 with Xserver running as _x11 with xenodm. close-on-exec is now default for priv_open_device(). ok kettenis@ | |
|
d9aef299 | 2018-08-06 20:11:34 | set MSG_CMSG_CLOEXEC when receiving file descriptors. All file descriptors opened via priv_open_device() can benefit of the close-on-exec flag. ok kettenis@. | |
|
65b51547 | 2018-07-30 16:00:39 | setup WSMOUSE_TYPE_TOUCHPAD devices to use ws driver by default, but allow them to work with xf86-input-synaptics with and ok bru@ | |
|
13d37ac4 | 2018-04-19 14:52:34 | modesetting: setup colormap Fixes utilities like xcalib Upstream xorg commit ac138f9b31b0fba00742edbc3326afe66e28099a ok matthieu | |
 |
55401507 | 2018-03-15 10:02:36 | After updated to xserver 1.19.5, the con figure's default value of --enable-glamor has changed from 'no' to 'auto'. This makes an error running configure on luna88k, so disable it explicitly with ${XENOCARA_BUILD_GL}=no machines. ok jsg@ | |
|
857585fc | 2018-02-18 17:16:37 | Update to xserver 1.19.6. bug fix release | |
|
6906cf1b | 2018-01-20 12:25:26 | Remove code to pull softfloat libs. It was needed at some point in the past, but doesn't compile and isn't needed with clang. Reported by jsg@. | |
 |
b8144c06 | 2018-01-15 15:30:36 | watch for events sent by drm(4) over kevent using EVFILT_DEVICE and NOTE_CHANGE to notify the desktop environment to deal with the change (e.g. after plugging in an HDMI cable) with this change there is no need to manually do any randr commands if your desktop environment supports it (gnome, mate, kde, etc.) ok matthieu@, kettenis@ | |
|
1a66cad3 | 2017-12-08 15:01:59 | Update to xserver 1.19.5. Tested by bru@, jsg@ and others | |
 |
a6a6fd0c | 2017-12-05 20:56:26 | Use ws as default driver for touchpads. ok matthieu@ | |
|
f51fea01 | 2017-10-14 09:35:14 | MFC: Unvalidated extra length in ProcEstablishConnection (CVE-2017-12176) | |
|
18698290 | 2017-10-14 09:33:48 | MFC: dbe: Unvalidated variable-length request in ProcDbeGetVisualInfo (CVE-2017-12177) v2: Protect against integer overflow (Alan Coopersmith) | |
|
394a8aee | 2017-10-14 09:32:30 | MFC: Xi: fix wrong extra length check in ProcXIChangeHierarchy (CVE-2017-12178) | |
|
74d10c41 | 2017-10-14 09:30:50 | MFC: Xi: integer overflow and unvalidated length in (S)ProcXIBarrierReleasePointer [jcristau: originally this patch fixed the same issue as commit 211e05ac85 "Xi: Test exact size of XIBarrierReleasePointer", with the addition of these checks] This addresses CVE-2017-12179 | |
|
792e23cc | 2017-10-14 09:29:01 | MFC: Xi: Test exact size of XIBarrierReleasePointer Otherwise a client can send any value of num_barriers and cause reading or swapping of values on heap behind the receive buffer. | |
|
515a707d | 2017-10-14 09:24:30 | MFC: hw/xfree86: unvalidated lengths This addresses: CVE-2017-12180 in XFree86-VidModeExtension CVE-2017-12181 in XFree86-DGA CVE-2017-12182 in XFree86-DRI | |
|
d6248304 | 2017-10-14 09:22:49 | MFC: xfixes: unvalidated lengths (CVE-2017-12183) v2: Use before swap (Jeremy Huddleston Sequoia) v3: Fix wrong XFixesCopyRegion checks (Alan Coopersmith) | |
|
3b3c79f0 | 2017-10-14 09:20:42 | MFC: Unvalidated lengths v2: Add overflow check and remove unnecessary check (Julien Cristau) This addresses: CVE-2017-12184 in XINERAMA CVE-2017-12185 in MIT-SCREEN-SAVER CVE-2017-12186 in X-Resource CVE-2017-12187 in RENDER | |
|
fe08a081 | 2017-10-14 09:17:40 | MFC: os: Make sure big requests have sufficient length. A client can send a big request where the 32B "length" field has value 0. When the big request header is removed and the length corrected, the value will underflow to 0xFFFFFFFF. Functions processing the request later will think that the client sent much more data and may touch memory beyond the receive buffer. | |
|
9b9efb1b | 2017-10-14 09:15:11 | MFC: xkb: Handle xkb formated string output safely (CVE-2017-13723) Generating strings for XKB data used a single shared static buffer, which offered several opportunities for errors. Use a ring of resizable buffers instead, to avoid problems when strings end up longer than anticipated. | |
|
fd77a349 | 2017-10-14 09:12:44 | MFC: xkb: Escape non-printable characters correctly XkbStringText escapes non-printable characters using octal numbers. Such escape sequence would be at most 5 characters long ("\0123"), so it reserves 5 bytes in the buffer. Due to char->unsigned int conversion, it would print much longer string for negative numbers. | |
|
2f2a50b9 | 2017-10-14 09:06:06 | MFC: Xext/shm: Validate shmseg resource id (CVE-2017-13721) Otherwise it can belong to a non-existing client and abort X server with FatalError "client not in use", or overwrite existing segment of another existing client. | |
|
c6ab4990 | 2017-09-25 15:05:57 | Force Intel Ironlake chipsets to use the xf86-video-intel driver. stsp@ reported that modesetting(4) has been reported unreliable on his laptop, while intel(4) works. XXXX to be removed after 6.2 to figure out and fix the issue. ok kettenis@, also discussed briefly with deraadt@ during EuroBSDCon. | |
|
b8da768e | 2017-08-07 19:17:56 | Disable SSE optimizations on i386/amd64 for SlowBcopy. It is supposed to be slow, and when such instructions are used to copy data from/to mapped video memory, some hypervisors (e.g. KVM, Microsoft Hyper-V) can generate SIGILL or SIGBUS exceptions, causing Xorg to crash. Bug report to OpenBSD by Max Parmer, fix from FreeBSD (Dimitry Andric) via kettenis@ ok kettenis@ | |
|
38475bb3 | 2017-08-07 12:30:34 | Create on OpenBSD-specific version of listPossibleVideoDrivers() that takes care of autoconfiguration based on the information returned by the WSDISPLAYIO_GTYPE ioctl of the console FD. This should fix selection of wsfb on loongson and sgi when using a non-KMS kernel driver. ok matthieu@, jsg@ | |
|
d74e2cb1 | 2017-07-14 11:38:05 | Use the modesetting driver by default on 4th generation Intel Graphics and later. This matches what several Linux distros do these days as it tends to work better than the intel driver in most cases. There are some performance issues with vncviewer on at least Ivy Bridge and Haswell. But for now that regression outweighs the benefits. ok robert@, tedu@, sthen@ | |
|
11bfbfff | 2017-07-12 20:08:07 | Add code to update the value of the RandR "Backlight" property based on the KMS connector property of the same name if such a property is present. ok matthieu@ | |
|
1862f548 | 2017-07-07 06:22:19 | Merge upstream fixes to the X event swapping code. (CVE-2017-10971 and CVE-2017-10972). | |
 |
55a8e552 | 2017-05-21 13:18:29 | Make X work with radeondrm(4) hardware on loongson. OK jsg@ | |
|
f372d76f | 2017-03-07 03:40:33 | make xserver build on arm64 ok matthieu@ | |
|
2666ed3f | 2017-03-01 19:22:36 | Fix arc4random_buf(3) detection. Noticed by Eric Engestrom on the xorg-devel list. Thanks | |
|
da8f098a | 2017-02-28 23:05:46 | Oops, in previous commit I forgot to remove the actual implementation of the unused *ToID functions(). Spotted by Adam Jackson on xorg-devel list. Thanks. | |
|
5d64bd18 | 2017-02-28 18:33:44 | regen | |
|
e087a236 | 2017-02-28 18:32:53 | auth: remove AuthToIDFunc and associated functions. Not used anymore. And the current code for MitToId has a use-after-free() issue. Advisory X41-2017-001: Multiple Vulnerabilities in X.Org | |
|
eb3d2477 | 2017-02-28 18:27:40 | MFC: Use arc4random_buf(3) if available to generate cookies. Advisory X41-2017-001: Multiple Vulnerabilities in X.Org. | |
|
9ddca5b5 | 2017-02-28 18:24:48 | MFC: Use timingsafe_memcmp() to compare MIT-MAGIC-COOKIES Advisory X41-2017-001: Multiple Vulnerabilities in X.Org. | |
|
fd18c20e | 2016-10-11 22:14:30 | regen | |
|
13cbbbd6 | 2016-10-04 19:48:48 | ignore chown error (for systems which don't install a Xserver) | |
|
8587a95e | 2016-10-02 17:21:29 | fix the ownership of the link /usr/X11R6/bin/X -> Xorg | |
|
b9d0c0fb | 2016-09-12 21:57:14 | Fix a bunch of gcc warnings. - constify name field - rename devname -> devnam - replace deprecated Xprintf() with asprintf() | |
|
595a0e50 | 2016-09-12 21:46:25 | sys/select.h -> sys/time.h | |
|
d2533042 | 2016-09-12 21:44:30 | Fix build after headers cleanup. include wscons headers after sys/ioct.h and sys/select.h with deraadt@ and kettenis@ | |
 |
8113144b | 2016-09-03 14:58:02 | Remove zaurus keyboard model ok matthieu@ | |
|
ee65902d | 2016-08-13 14:05:23 | Kill remaining HP300 bits | |
|
6e1bcfb3 | 2016-08-09 18:59:50 | Update to xserver 1.18.4 tested by krw@ and dcoppa@ ok dcoppa@ | |
|
185312ce | 2016-08-03 19:31:23 | xserver: fix an off-by-one error that lead to asprintf("%s", NULL) reported by deraadt@, fix reviewed in X.Org by Keith Packard. | |
|
7d876864 | 2016-07-30 12:18:35 | Merge the build of Xephyr in the main xserver build. Recent X server doesn't require to build the DIX with different options for xfree86 and kdrive. Tested for beeing a no-op on m88k by Kenji Aoyama. Thanks | |
|
e927c03e | 2016-05-29 12:02:34 | Update to xserver 1.18.3. Tested by shadchin@ and naddy@. Note that indirect GLX is now disbled by default. | |
|
5b07d034 | 2016-05-12 07:19:50 | No more hppa64 | |
|
6b14cdf9 | 2016-04-24 17:21:55 | Fix white space/indentation to match X.Org style. | |
|
a009af0b | 2016-04-24 17:20:04 | Fall back to /dev/ttyC0 when the console device is not a wsdisplay(4) Problem noticed by sthen@. | |
|
a096d7ad | 2016-04-02 16:57:58 | Don't build the PCVT console backend anymore. | |
|
3b5e851d | 2016-04-02 14:25:10 | Implement VT switching (based on the USL compat interface) in the wscons console backend and use it by default. ok kettenis@ | |
|
e44b23d2 | 2016-03-27 18:48:41 | Make alpha_video.c build in recent X server. Completely broken on VGA cards (libpciaccess doesn't know about the alpha specific ways of mapping the PCI space), only XRender is broken on TGA cards. | |
 |
27f67406 | 2016-03-11 13:09:42 | Remove support vax and XENOCARA_HAVE_SHARED_LIBS scaffolding. ok matthieu@ | |
|
ab587bce | 2016-03-06 17:11:46 | Cleanup gcc warnings and function prototypes. | |
|
926017f7 | 2016-03-06 16:09:27 | Fix typo introduced 5.5 years ago. Note: this changes the #if test result, but the now #ifdef out code has no effect. | |
|
4a17b803 | 2016-02-20 10:58:10 | No more aviion | |
|
f1584286 | 2016-02-07 09:51:01 | solbourne was removed | |
|
ca4d0512 | 2015-12-29 18:47:21 | Detect keyboard configuration by masking bits, not equality checks. Fixes the case where a kbd(8) setting has multiple bits set (e.g., us.dvorak.swapctrlcaps). Bug reported by Sevan Janiyan. ok shadchin@ matthieu@ | |
|
ed4591c1 | 2015-12-21 08:37:11 | On Broadwell, default to using the modesetting driver. Our KMS support on Broadwell is still a bit weak and the modesetting driver seems to work better than the intel driver, while still providing 3D acceleration and video playback support. ok phessler@, matthieu@, jsg@ | |
|
c7a6143b | 2015-12-01 21:20:21 | Enable glamor on architectures where we have OpenGL. ok jsg@, matthieu@ | |
|
2e2a8984 | 2015-12-01 21:18:47 | Remove a check for DRI3 in glamor_name_from_pixmap(). This makes DRI2 work on OpenBSD where we don't have support for DRI3 yet. ok jsg@, matthieu@ | |
|
bfcc545c | 2015-12-01 21:17:49 | Use an ARGB8888 based texture even when DRI3 isn't enabled. This achieves the same effect as a change that was recently made upstream. The code changed significantly in the meantime. ok jsg@, matthieu@ | |
|
e6977614 | 2015-12-01 21:13:48 | Call miSyncSetup() if we don't call miSyncShmScreenInit() because HAVE_XSHMFENCE isn't defined. This makes sure the relevant "private key" gets installed such that we don't hit a fatal assert later. ok jsg@, matthieu@ | |
|
184a9833 | 2015-11-17 10:49:57 | Pass --disable-libdrm option to configure when the machine does not support DRI. Found while building Xorg server on luna88k. "fine for now" matthieu@ | |
|
1e036e40 | 2015-11-15 08:28:24 | Remove the -configure option. This has been broken for a loong time and no one is going to fix it. | |
|
f7d98a31 | 2015-11-11 21:07:49 | pledge(2) for the X server privileged process. ok deraadt@ | |
|
4c6a4e1e | 2015-11-07 16:48:51 | Update to xserver 1.17.4. tested by naddy@ | |
|
f00e3078 | 2015-10-25 15:24:06 | Reduce white space diff with upstreams. No other change. | |
|
e957e255 | 2015-09-28 07:14:00 | Post xserver 1.17 cleanup |