x11-base/xorg-server: fix crash on FlushAllOutput, bug #555776
authorSergei Trofimovich <slyfox@gentoo.org>
Sat, 22 Aug 2015 20:06:18 +0000 (21:06 +0100)
committerSergei Trofimovich <slyfox@gentoo.org>
Sat, 22 Aug 2015 20:10:50 +0000 (21:10 +0100)
Bug: https://bugs.freedesktop.org/91316
Bug: https://bugs.gentoo.org/555776

Package-Manager: portage-2.2.20

x11-base/xorg-server/files/xorg-server-1.17.2-uninit-clientsWritable.patch [new file with mode: 0644]
x11-base/xorg-server/xorg-server-1.17.2-r1.ebuild [new file with mode: 0644]

diff --git a/x11-base/xorg-server/files/xorg-server-1.17.2-uninit-clientsWritable.patch b/x11-base/xorg-server/files/xorg-server-1.17.2-uninit-clientsWritable.patch
new file mode 100644 (file)
index 0000000..6818196
--- /dev/null
@@ -0,0 +1,65 @@
+https://bugs.gentoo.org/show_bug.cgi?id=555776
+
+From 7cc7ffd25d5e50b54cb942d07d4cb160f20ff9c5 Mon Sep 17 00:00:00 2001
+From: Martin Peres <martin.peres@linux.intel.com>
+Date: Fri, 17 Jul 2015 17:21:26 +0300
+Subject: [PATCH] os: make sure the clientsWritable fd_set is initialized
+ before use
+
+In WaitForSomething(), the fd_set clientsWritable may be used unitialized when
+the boolean AnyClientsWriteBlocked is set in the WakeupHandler(). This leads to
+a crash in FlushAllOutput() after x11proto's commit
+2c94cdb453bc641246cc8b9a876da9799bee1ce7.
+
+The problem did not manifest before because both the XFD_SIZE and the maximum
+number of clients were set to 256. As the connectionTranslation table was
+initalized for the 256 clients to 0, the test on the index not being 0 was
+aborting before dereferencing the client #0.
+
+As of commit 2c94cdb453bc641246cc8b9a876da9799bee1ce7 in x11proto, the XFD_SIZE
+got bumped to 512. This lead the OutputPending fd_set to have any fd above 256
+to be uninitialized which in turns lead to reading an index after the end of
+the ConnectionTranslation table. This index would then be used to find the
+client corresponding to the fd marked as pending writes and would also result
+to an out-of-bound access which would usually be the fatal one.
+
+Fix this by zeroing the clientsWritable fd_set at the beginning of
+WaitForSomething(). In this case, the bottom part of the loop, which would
+indirectly call FlushAllOutput, will not do any work but the next call to
+select will result in the execution of the right codepath. This is exactly what
+we want because we need to know the writable clients before handling them. In
+the end, it also makes sure that the fds above MaxClient are initialized,
+preventing the crash in FlushAllOutput().
+
+Thanks to everyone involved in tracking this one down!
+
+Reported-by: Karol Herbst <freedesktop@karolherbst.de>
+Reported-by: Tobias Klausmann <tobias.klausmann@mni.thm.de>
+Signed-off-by: Martin Peres <martin.peres@linux.intel.com>
+Tested-by: Martin Peres <martin.peres@linux.intel.com>
+Bugzilla: https://bugs.freedesktop.org/show_bug.cgi?id=91316
+Cc: Ilia Mirkin  <imirkin@alum.mit.edu>
+Cc: Martin Peres <martin.peres@linux.intel.com>
+Cc: Olivier Fourdan <ofourdan@redhat.com
+Cc: Adam Jackson <ajax@redhat.com>
+Cc: Alan Coopersmith <alan.coopersmith@oracle.com
+Cc: Chris Wilson <chris@chris-wilson.co.uk>
+---
+ os/WaitFor.c | 1 +
+ 1 file changed, 1 insertion(+)
+
+diff --git a/os/WaitFor.c b/os/WaitFor.c
+index 431f1a6..993c14e 100644
+--- a/os/WaitFor.c
++++ b/os/WaitFor.c
+@@ -158,6 +158,7 @@ WaitForSomething(int *pClientsReady)
+     Bool someReady = FALSE;
+     FD_ZERO(&clientsReadable);
++    FD_ZERO(&clientsWritable);
+     if (nready)
+         SmartScheduleStopTimer();
+-- 
+2.4.5
+
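Review bot: The added `FD_ZERO(&clientsWritable);` removes the uninitialized read, but nothing in this patch bounds the fd-to-client lookup that the commit message says ran past the end of the ConnectionTranslation table. The message attributes the overrun to XFD_SIZE (512) exceeding the 256-entry table, so any other path that leaves a bit set above the table size would presumably reach the same out-of-bounds access. FlushAllOutput() and the rest of WaitForSomething() are outside this hunk, so this is inferred from the description. A range check on the index before the table is dereferenced would make the invariant explicit. A short comment beside the new line, such as `/* zero before use: may be read when AnyClientsWriteBlocked is set before select() fills it */`, would record why the call is needed.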
diff --git a/x11-base/xorg-server/xorg-server-1.17.2-r1.ebuild b/x11-base/xorg-server/xorg-server-1.17.2-r1.ebuild
new file mode 100644 (file)
index 0000000..8181fa5
--- /dev/null
@@ -0,0 +1,245 @@
+# Copyright 1999-2015 Gentoo Foundation
+# Distributed under the terms of the GNU General Public License v2
+# $Id$
+
+EAPI=5
+
+XORG_DOC=doc
+inherit xorg-2 multilib versionator flag-o-matic
+EGIT_REPO_URI="git://anongit.freedesktop.org/git/xorg/xserver"
+
+DESCRIPTION="X.Org X servers"
+SLOT="0/${PV}"
+KEYWORDS="~alpha ~amd64 ~arm ~arm64 ~hppa ~ia64 ~mips ~ppc ~ppc64 ~s390 ~sh ~sparc ~x86 ~amd64-fbsd ~x86-fbsd ~amd64-linux ~arm-linux ~x86-linux"
+
+IUSE_SERVERS="dmx kdrive xephyr xnest xorg xvfb"
+IUSE="${IUSE_SERVERS} glamor ipv6 minimal nptl selinux +suid systemd tslib +udev unwind wayland"
+
+CDEPEND=">=app-eselect/eselect-opengl-1.3.0
+       dev-libs/openssl
+       media-libs/freetype
+       >=x11-apps/iceauth-1.0.2
+       >=x11-apps/rgb-1.0.3
+       >=x11-apps/xauth-1.0.3
+       x11-apps/xkbcomp
+       >=x11-libs/libdrm-2.4.46
+       >=x11-libs/libpciaccess-0.12.901
+       >=x11-libs/libXau-1.0.4
+       >=x11-libs/libXdmcp-1.0.2
+       >=x11-libs/libXfont-1.4.2
+       >=x11-libs/libxkbfile-1.0.4
+       >=x11-libs/libxshmfence-1.1
+       >=x11-libs/pixman-0.27.2
+       >=x11-libs/xtrans-1.3.5
+       >=x11-misc/xbitmaps-1.0.1
+       >=x11-misc/xkeyboard-config-2.4.1-r3
+       dmx? (
+               x11-libs/libXt
+               >=x11-libs/libdmx-1.0.99.1
+               >=x11-libs/libX11-1.1.5
+               >=x11-libs/libXaw-1.0.4
+               >=x11-libs/libXext-1.0.99.4
+               >=x11-libs/libXfixes-5.0
+               >=x11-libs/libXi-1.2.99.1
+               >=x11-libs/libXmu-1.0.3
+               x11-libs/libXrender
+               >=x11-libs/libXres-1.0.3
+               >=x11-libs/libXtst-1.0.99.2
+       )
+       glamor? (
+               media-libs/libepoxy
+               >=media-libs/mesa-10.3.4-r1[egl,gbm]
+               !x11-libs/glamor
+       )
+       kdrive? (
+               >=x11-libs/libXext-1.0.5
+               x11-libs/libXv
+       )
+       xephyr? (
+               x11-libs/libxcb
+               x11-libs/xcb-util
+               x11-libs/xcb-util-image
+               x11-libs/xcb-util-keysyms
+               x11-libs/xcb-util-renderutil
+               x11-libs/xcb-util-wm
+       )
+       !minimal? (
+               >=x11-libs/libX11-1.1.5
+               >=x11-libs/libXext-1.0.5
+               >=media-libs/mesa-10.3.4-r1[nptl=]
+       )
+       tslib? ( >=x11-libs/tslib-1.0 )
+       udev? ( >=virtual/udev-150 )
+       unwind? ( sys-libs/libunwind )
+       wayland? (
+               >=dev-libs/wayland-1.3.0
+               media-libs/libepoxy
+       )
+       >=x11-apps/xinit-1.3.3-r1
+       systemd? (
+               sys-apps/dbus
+               sys-apps/systemd
+       )"
+
+DEPEND="${CDEPEND}
+       sys-devel/flex
+       >=x11-proto/bigreqsproto-1.1.0
+       >=x11-proto/compositeproto-0.4
+       >=x11-proto/damageproto-1.1
+       >=x11-proto/fixesproto-5.0
+       >=x11-proto/fontsproto-2.1.3
+       >=x11-proto/glproto-1.4.17-r1
+       >=x11-proto/inputproto-2.2.99.1
+       >=x11-proto/kbproto-1.0.3
+       >=x11-proto/randrproto-1.4.0
+       >=x11-proto/recordproto-1.13.99.1
+       >=x11-proto/renderproto-0.11
+       >=x11-proto/resourceproto-1.2.0
+       >=x11-proto/scrnsaverproto-1.1
+       >=x11-proto/trapproto-3.4.3
+       >=x11-proto/videoproto-2.2.2
+       >=x11-proto/xcmiscproto-1.2.0
+       >=x11-proto/xextproto-7.2.99.901
+       >=x11-proto/xf86dgaproto-2.0.99.1
+       >=x11-proto/xf86rushproto-1.1.2
+       >=x11-proto/xf86vidmodeproto-2.2.99.1
+       >=x11-proto/xineramaproto-1.1.3
+       >=x11-proto/xproto-7.0.26
+       >=x11-proto/presentproto-1.0
+       >=x11-proto/dri3proto-1.0
+       dmx? (
+               >=x11-proto/dmxproto-2.2.99.1
+               doc? (
+                       || (
+                               www-client/links
+                               www-client/lynx
+                               www-client/w3m
+                       )
+               )
+       )
+       !minimal? (
+               >=x11-proto/xf86driproto-2.1.0
+               >=x11-proto/dri2proto-2.8
+       )"
+
+RDEPEND="${CDEPEND}
+       selinux? ( sec-policy/selinux-xserver )
+       !x11-drivers/xf86-video-modesetting
+"
+
+PDEPEND="
+       xorg? ( >=x11-base/xorg-drivers-$(get_version_component_range 1-2) )"
+
+REQUIRED_USE="!minimal? (
+               || ( ${IUSE_SERVERS} )
+       )
+       xephyr? ( kdrive )"
+
+#UPSTREAMED_PATCHES=(
+#      "${WORKDIR}/patches/"
+#)
+
+PATCHES=(
+       "${UPSTREAMED_PATCHES[@]}"
+       "${FILESDIR}"/${PN}-1.17-ia64-fix_inx_outx.patch
+       "${FILESDIR}"/${PN}-1.12-unloadsubmodule.patch
+       # needed for new eselect-opengl, bug #541232
+       "${FILESDIR}"/${PN}-1.17-support-multiple-Files-sections.patch
+       "${FILESDIR}"/${PN}-1.17.2-uninit-clientsWritable.patch
+)
+
+pkg_pretend() {
+       # older gcc is not supported
+       [[ "${MERGE_TYPE}" != "binary" && $(gcc-major-version) -lt 4 ]] && \
+               die "Sorry, but gcc earlier than 4.0 will not work for xorg-server."
+}
+
+src_configure() {
+       # localstatedir is used for the log location; we need to override the default
+       #       from ebuild.sh
+       # sysconfdir is used for the xorg.conf location; same applies
+       # NOTE: fop is used for doc generating ; and i have no idea if gentoo
+       #       package it somewhere
+       XORG_CONFIGURE_OPTIONS=(
+               $(use_enable ipv6)
+               $(use_enable dmx)
+               $(use_enable glamor)
+               $(use_enable kdrive)
+               $(use_enable kdrive kdrive-kbd)
+               $(use_enable kdrive kdrive-mouse)
+               $(use_enable kdrive kdrive-evdev)
+               $(use_enable suid install-setuid)
+               $(use_enable tslib)
+               $(use_enable unwind libunwind)
+               $(use_enable wayland xwayland)
+               $(use_enable !minimal record)
+               $(use_enable !minimal xfree86-utils)
+               $(use_enable !minimal install-libxf86config)
+               $(use_enable !minimal dri)
+               $(use_enable !minimal dri2)
+               $(use_enable !minimal glx)
+               $(use_enable xephyr)
+               $(use_enable xnest)
+               $(use_enable xorg)
+               $(use_enable xvfb)
+               $(use_enable nptl glx-tls)
+               $(use_enable udev config-udev)
+               $(use_with doc doxygen)
+               $(use_with doc xmlto)
+               $(use_with systemd systemd-daemon)
+               $(use_enable systemd systemd-logind)
+               --enable-libdrm
+               --sysconfdir="${EPREFIX}"/etc/X11
+               --localstatedir="${EPREFIX}"/var
+               --with-fontrootdir="${EPREFIX}"/usr/share/fonts
+               --with-xkb-output="${EPREFIX}"/var/lib/xkb
+               --disable-config-hal
+               --disable-linux-acpi
+               --without-dtrace
+               --without-fop
+               --with-os-vendor=Gentoo
+               --with-sha1=libcrypto
+       )
+
+       xorg-2_src_configure
+}
+
+src_install() {
+       xorg-2_src_install
+
+       server_based_install
+
+       if ! use minimal &&     use xorg; then
+               # Install xorg.conf.example into docs
+               dodoc "${AUTOTOOLS_BUILD_DIR}"/hw/xfree86/xorg.conf.example
+       fi
+
+       newinitd "${FILESDIR}"/xdm-setup.initd-1 xdm-setup
+       newinitd "${FILESDIR}"/xdm.initd-11 xdm
+       newconfd "${FILESDIR}"/xdm.confd-4 xdm
+
+       # install the @x11-module-rebuild set for Portage
+       insinto /usr/share/portage/config/sets
+       newins "${FILESDIR}"/xorg-sets.conf xorg.conf
+}
+
+pkg_postinst() {
+       # sets up libGL and DRI2 symlinks if needed (ie, on a fresh install)
+       eselect opengl set xorg-x11 --use-old
+}
+
+pkg_postrm() {
+       # Get rid of module dir to ensure opengl-update works properly
+       if [[ -z ${REPLACED_BY_VERSION} && -e ${EROOT}/usr/$(get_libdir)/xorg/modules ]]; then
+               rm -rf "${EROOT}"/usr/$(get_libdir)/xorg/modules
+       fi
+}
+
+server_based_install() {
+       if ! use xorg; then
+               rm "${ED}"/usr/share/man/man1/Xserver.1x \
+                       "${ED}"/usr/$(get_libdir)/xserver/SecurityPolicy \
+                       "${ED}"/usr/$(get_libdir)/pkgconfig/xorg-server.pc \
+                       "${ED}"/usr/share/man/man1/Xserver.1x
+       fi
+}
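Review bot: `server_based_install` passes `"${ED}"/usr/share/man/man1/Xserver.1x` to `rm` twice, as the first and the last argument, so with USE=xorg disabled the second occurrence fails on an already-removed file and `rm` exits non-zero. Nothing checks that status, so the spurious error also hides a genuine failure to remove SecurityPolicy or xorg-server.pc. Drop the trailing duplicate and end the command with `|| die`, or use `rm -f` if a missing file is expected. Separately, `EGIT_REPO_URI` uses the unauthenticated `git://` transport. It presumably only applies to live builds through the eclass, but an `https://` URI would give the fetch transport integrity.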