It's needed when the surface window is a depth 24 descendant of a depth
32 toplevel window.
xwl_source_validate ensures the toplevel window pixmap has valid
contents when a client reads from it, or when the window hierarchy /
geometry changes. It's never called in the normal fullscreen application
case, so there's no GPU copy overhead with that.
v2:
* Don't try to redirect a depth 32 descendant of different-depth
ancestors, the alpha channel wouldn't be handled correctly.
(Olivier Fourdan)
Part-of: <https://gitlab.freedesktop.org/xorg/xserver/-/merge_requests/1300>
A later commit will use it to ensure the toplevel window pixmap has
valid contents.
It's hooked up only while any xwl_window->surface_window_damage points
to a non-empty region. So far it's always NULL, so no functional change
intended.
v2:
* Fix trailing whitespace. (Olivier Fourdan)
v3:
* Use toplevel local variable more in xwl_window_update_surface_window.
Part-of: <https://gitlab.freedesktop.org/xorg/xserver/-/merge_requests/1300>
A later commit will use these to (un)redirect the surface window on
demand.
Not used yet, so no functional change intended.
v2:
* Use "surface_window_damage" instead of "surf_win_damage".
(Olivier Fourdan)
* Slightly simplify logic in xwl_unrealize_window.
v3:
* Add comment in xwl_present_maybe_unredirect_window explaining why we
use a timer. (Olivier Fourdan)
v4:
* Rename unredir_timer field to unredirect_timer.
Part-of: <https://gitlab.freedesktop.org/xorg/xserver/-/merge_requests/1300>
It may track a non-toplevel window which fully covers the area of the
window pixmap / Wayland surface. It is now used instead of
xwl_window::toplevel for updating the Wayland surface contents.
The surface_window can now hit the Present page flip path while it's
automatically redirected.
v2:
* Use "surface_window" instead of "surf_win". (Olivier Fourdan)
* Add comment describing surface_window, and describe what
surface_window/toplevel are useful for respectively. (Olivier Fourdan)
* Use surface_window in xwl_realize_window.
v3:
* Backtrack up to the closest opaque ancestor in
xwl_window_update_surface_window. (Olivier Fourdan)
v4:
* Clean up logic for determining the surface window in
xwl_window_update_surface_window, and document it better.
* Handle window_get_damage(xwl_window->surface_window) returning NULL
in xwl_window_update_surface_window.
* Call xwl_window_update_surface_window after xwl_window_buffers_init
in ensure_surface_for_window, since the former may call
xwl_window_buffers_dispose.
* Rename surf/win_pix to surface/window_pixmap in
xwl_window_update_surface_window.
Part-of: <https://gitlab.freedesktop.org/xorg/xserver/-/merge_requests/1300>
Preparation for next commit.
This might change behaviour for non-InputOutput top-level windows.
ensure_surface_for_window getting called and returning non-NULL for
those would seem like a pre-existing bug though.
Part-of: <https://gitlab.freedesktop.org/xorg/xserver/-/merge_requests/1300>
It's always the toplevel window, i.e. either the root window or a child
of it.
Preparation for later commits, no functional change.
v2: (Olivier Fourdan)
* Fix debug build.
* Add comment describing ::toplevel.
Part-of: <https://gitlab.freedesktop.org/xorg/xserver/-/merge_requests/1300>
ProcRenderAddGlyphs() adds the glyph to the glyphset using AddGlyph() and
then frees it using FreeGlyph() to decrease the reference count, after
AddGlyph() has increased it.
AddGlyph() however may chose to reuse an existing glyph if it's already
in the glyphSet, and free the glyph that was given, in which case the
caller function, ProcRenderAddGlyphs() will call FreeGlyph() on an
already freed glyph, as reported by ASan:
READ of size 4 thread T0
#0 in FreeGlyph xserver/render/glyph.c:252
#1 in ProcRenderAddGlyphs xserver/render/render.c:1174
#2 in Dispatch xserver/dix/dispatch.c:546
#3 in dix_main xserver/dix/main.c:271
#4 in main xserver/dix/stubmain.c:34
#5 in __libc_start_call_main ../sysdeps/nptl/libc_start_call_main.h:58
#6 in __libc_start_main_impl ../csu/libc-start.c:360
#7 (/usr/bin/Xwayland+0x44fe4)
Address is located 0 bytes inside of 64-byte region
freed by thread T0 here:
#0 in __interceptor_free libsanitizer/asan/asan_malloc_linux.cpp:52
#1 in _dixFreeObjectWithPrivates xserver/dix/privates.c:538
#2 in AddGlyph xserver/render/glyph.c:295
#3 in ProcRenderAddGlyphs xserver/render/render.c:1173
#4 in Dispatch xserver/dix/dispatch.c:546
#5 in dix_main xserver/dix/main.c:271
#6 in main xserver/dix/stubmain.c:34
#7 in __libc_start_call_main ../sysdeps/nptl/libc_start_call_main.h:58
previously allocated by thread T0 here:
#0 in __interceptor_malloc libsanitizer/asan/asan_malloc_linux.cpp:69
#1 in AllocateGlyph xserver/render/glyph.c:355
#2 in ProcRenderAddGlyphs xserver/render/render.c:1085
#3 in Dispatch xserver/dix/dispatch.c:546
#4 in dix_main xserver/dix/main.c:271
#5 in main xserver/dix/stubmain.c:34
#6 in __libc_start_call_main ../sysdeps/nptl/libc_start_call_main.h:58
SUMMARY: AddressSanitizer: heap-use-after-free xserver/render/glyph.c:252 in FreeGlyph
To avoid that, make sure not to free the given glyph in AddGlyph().
v2: Simplify the test using the boolean returned from AddGlyph() (Michel)
v3: Simplify even more by not freeing the glyph in AddGlyph() (Peter)
Fixes: bdca6c3d1 - render: fix refcounting of glyphs during ProcRenderAddGlyphs
Closes: https://gitlab.freedesktop.org/xorg/xserver/-/issues/1659
Signed-off-by: Olivier Fourdan <ofourdan@redhat.com>
Part-of: <https://gitlab.freedesktop.org/xorg/xserver/-/merge_requests/1476>
xkbstr.h uses types from Xdefs.h (eg. Bool) but doesn't include it.
If somebody includes it, w/o including Xdefs.h first, compile breaks:
../include/xkbstr.h:84:5: error: unknown type name ‘Bool’
84 | Bool active;
| ^~~~
../include/xkbstr.h:517:5: error: unknown type name ‘Bool’
517 | Bool num_groups_changed;
| ^~~~
../include/xkbstr.h:608:5: error: unknown type name ‘Bool’
608 | Bool has_own_state;
| ^~~~
Signed-off-by: Enrico Weigelt, metux IT consult <info@metux.net>
Part-of: <https://gitlab.freedesktop.org/xorg/xserver/-/merge_requests/1474>
This tests override WriteToClient() with their own custom function to
check for validity. Unfortunately they also papered over bugs - to
compare values we had to swap back thus modifying the original reply.
This doesn't really have an effect on most reply handling but for those
with extra data it may affect how they are processed. Fix this by
copying the reply so any of the fields within that we swap is left
as-is and put some basic sanity checks in for the length we pass in.
Part-of: <https://gitlab.freedesktop.org/xorg/xserver/-/merge_requests/1469>
When a present request is received, Xwayland will check if there is an
existing request targeting the same window and msc and scrap the older
request if so. Alas, this does not interact well the older fence-based
or newer syncobj-based synchronization features of the Present
extension.
Since execution of a request may be delayed for an unknown length of
time while waiting for a fence to be signaled, the target msc computed
upon receiving a request may not match the actual msc at which the
request is executed. Therefore, we cannot determine in advance whether a
more recently received request will make an older request redundant.
This change removes the code to scrap pending present requests.
We must also ensure requests are executed in the correct order even if
their fences are signaled out of order. To achieve this, whenever
execution of a request needs to wait for a fence, execution of any
later-received requests will be blocked until the earlier request is
ready. The blocked requests will be added to a list tracked in the
xwl_present_window struct. Once the earlier request's fence is signaled,
any blocked requests will be re-executed.
Signed-off-by: Erik Kurzinger <ekurzinger@nvidia.com>
Part-of: <https://gitlab.freedesktop.org/xorg/xserver/-/merge_requests/967>
This protocol allows for explicit synchronization of GPU operations by
Wayland clients and the compositor. Xwayland can make use of this to
ensure any rendering it initiates has completed before the target image
is accessed by the compositor, without having to rely on kernel-level
implicit synchronization.
Furthermore, for X11 clients that also support explicit synchronization
using the mechanisms exposed in the DRI3 and Present extensions, this
Wayland protocol allows us to simply forward the timeline, acquire, and
release points directly to the compositor, ideally avoiding any
premature stalls in the presentation pipeline.
Signed-off-by: Erik Kurzinger <ekurzinger@nvidia.com>
Part-of: <https://gitlab.freedesktop.org/xorg/xserver/-/merge_requests/967>
Together, DRI3 1.4 and Present 1.4 allow clients to explicitly
synchronize GPU rendering with presentation using DRM syncobjs. Here we
add the necessary support to Xwayland's glamor and Present
infrastructure to enable this functionality.
Signed-off-by: Erik Kurzinger <ekurzinger@nvidia.com>
Part-of: <https://gitlab.freedesktop.org/xorg/xserver/-/merge_requests/967>
If a presentation request is delayed while waiting for a fence, the
original target msc may no longer be correct. Instead, we should compute
a new target msc in xwl_present_re_execute.
Signed-off-by: Erik Kurzinger <ekurzinger@nvidia.com>
Part-of: <https://gitlab.freedesktop.org/xorg/xserver/-/merge_requests/967>
Adds the required infrastructure in the core DRI3 code to support
importing DRM synchronization objects from clients. This includes
support for the two new protocol requests from DRI3 version 1.4, an
internal representation of these objects in the form of the dri3_syncobj
structure, and an import_syncobj screen info callback.
The following operations are defined for dri3_syncobj objects
* free - release any server-side resources associated with the object
* has_fence - check if the fence for a timeline point is submitted
* is_signaled - check if a timeline point is signaled
* export_fence - return a sync fd corresponding to a timeline point
* import_fence - submit a sync fd as the fence for a timeline point
* signal - immediately signal a timeline point
* submitted_eventfd and signaled_eventfd - register an eventfd to be
signaled when the given timeline point is either submitted or
signaled
Implementations will be responsible for populating these function
pointers when importing a syncobj.
Signed-off-by: Erik Kurzinger <ekurzinger@nvidia.com>
Part-of: <https://gitlab.freedesktop.org/xorg/xserver/-/merge_requests/967>
DRI3 version 1.3 introduced a new request which allows clients to
provide a hint to the server about which DRM device they are using, so
that the server might return DRM format modifiers specific to that
device. However, implementing such functionality, for Xwayland in
particular, will require fairly significant architectural changes.
To avoid blocking future versions of the DRI3 extension, we provide here
a stub implementation for the request in question. The spec explicitly
states that it is only a hint that the server is free to ignore, so
strictly speaking this implementation is still correct.
Signed-off-by: Erik Kurzinger <ekurzinger@nvidia.com>
Part-of: <https://gitlab.freedesktop.org/xorg/xserver/-/merge_requests/967>
Explicit sync support for Xwayland requires several updates to the
Debian CI image. These include...
xorgproto 2024.1 for DRI3 1.4 and Present 1.4
wayland-protocols 1.34 for wp-linux-drm-syncobj-v1
libdrm 2.4.116 for drmSyncobjEventfd
linux-libc-dev from bullseye-backports for DMA_BUF_IOCTL_IMPORT/EXPORT_SYNC_FD
Signed-off-by: Erik Kurzinger <ekurzinger@nvidia.com>
Part-of: <https://gitlab.freedesktop.org/xorg/xserver/-/merge_requests/967>
Without either implicit or explicit synchronization, the result of rendering is
pretty much undefined, and many glitches can appear. This still doesn't synchronize
buffer release, but it works around most glitches until explicit sync is supported.
Signed-off-by: Xaver Hugl <xaver.hugl@kde.org>
Part-of: <https://gitlab.freedesktop.org/xorg/xserver/-/merge_requests/967>
Fixes: https://gitlab.freedesktop.org/xorg/xserver/-/issues/577
This patch replaces the instances of trunc in miPointerSetPosition by
floor, thereby removing the incorrect behaviour with subpixel pointer
locations between -1 and 0.
This is the relevant code fragment:
/* In the event we actually change screen or we get confined, we just
* drop the float component on the floor
* FIXME: only drop remainder for ConstrainCursorHarder, not for screen
* crossings */
if (x != trunc(*screenx))
*screenx = x;
if (y != trunc(*screeny))
*screeny = y;
The behaviour of this code does not match its comment for subpixel
coordinates between -1 and 0. For example, if *screenx is -0.5, the
preceding code would (correctly) clamp x to 0, but this would not be
detected by this condition, since 0 == trunc(-0.5), leaving *screenx
at -0.5, out of bounds.
This causes undesirable behaviour in GTK3 code using xi2, where negative
subpixel coordinates like this would (to all appearances randomly)
remove the focus from windows aligned with the zero boundary when the
mouse hits the left or top screen boundaries.
The other occurences of trunc in miPointerSetPosition have a more subtle
effect which would prevent proper clamping if there is a pointer limit
at a negative integer rather than at 0. This patch changes these to
floor for consistency.
Signed-off-by: Willem Jan Palenstijn <wjp@usecode.org>
Part-of: <https://gitlab.freedesktop.org/xorg/xserver/-/merge_requests/1451>
This function is only used inside the same .c file where it's defined,
no outside users, also not in drivers. Thus no need to keep it exported.
Signed-off-by: Enrico Weigelt, metux IT consult <info@metux.net>
Part-of: <https://gitlab.freedesktop.org/xorg/xserver/-/merge_requests/1468>
Previously, AllocateGlyph would return a new glyph with refcount=0 and a
re-used glyph would end up not changing the refcount at all. The
resulting glyph_new array would thus have multiple entries pointing to
the same non-refcounted glyphs.
AddGlyph may free a glyph, resulting in a UAF when the same glyph
pointer is then later used.
Fix this by returning a refcount of 1 for a new glyph and always
incrementing the refcount for a re-used glyph, followed by dropping that
refcount back down again when we're done with it.
CVE-2024-31083, ZDI-CAN-22880
This vulnerability was discovered by:
Jan-Niklas Sohn working with Trend Micro Zero Day Initiative
Part-of: <https://gitlab.freedesktop.org/xorg/xserver/-/merge_requests/1463>
Compiler gives warning:
../config/wscons.c: At top level:
../config/wscons.c:262:1: warning: no previous prototype for ‘config_wscons_init’ [-Wmissing-prototypes]
262 | config_wscons_init(void)
| ^~~~~~~~~~~~~~~~~~
../config/wscons.c:270:1: warning: no previous prototype for ‘config_wscons_fini’ [-Wmissing-prototypes]
270 | config_wscons_fini(void)
| ^~~~~~~~~~~~~~~~~~
Problem is: commit bcee84c3e4 wanted to enable
wscons support on NetBSD, but only added compiling config/wscons.c, but didn't
enable setting the CONFIG_WSCONS symbol, so it won't be called at all.
Fixes: bcee84c3e4
Signed-off-by: Enrico Weigelt, metux IT consult <info@metux.net>
Part-of: <https://gitlab.freedesktop.org/xorg/xserver/-/merge_requests/1450>
When X11 isn't installed directly at /usr hierarchy (eg. NetBSD uses
/usr/X11R7/), build breaks:
../test/list.c:31:10: fatal error: X11/Xlib.h: No such file or directory
31 | #include <X11/Xlib.h>
| ^~~~~~~~~~~~
Needs explicitly dependency on libX11, so the include path is added.
Signed-off-by: Enrico Weigelt, metux IT consult <info@metux.net>
Part-of: <https://gitlab.freedesktop.org/xorg/xserver/-/merge_requests/1442>
Fix meson warning:
> WARNING: Project targeting '>= 0.56.0' but tried to use feature deprecated since '0.55.0': ExternalProgram.path. use ExternalProgram.full_path() instead
Signed-off-by: Enrico Weigelt, metux IT consult <info@metux.net>
Part-of: <https://gitlab.freedesktop.org/xorg/xserver/-/merge_requests/1448>
The Xprintf() function is deprecated. Most of it's call sites had been moved
to asprintf(), so also do it for the remaining two ones.
Signed-off-by: Enrico Weigelt, metux IT consult <info@metux.net>
Part-of: <https://gitlab.freedesktop.org/xorg/xserver/-/merge_requests/1449>
Balló György
Olivier Fourdan
Jan Beich
Michel Dänzer
Enrico Weigelt, metux IT consult
Peter Hutterer
Erik Kurzinger
Xaver Hugl
Willem Jan Palenstijn
Alan Coopersmith