The `buflength` variable doesn't exist anymore, it's `rlength`.
And even if the reply struct might have the same size as XGenericReply,
it's cleaner to let the compiler compute it explicitly, just in case.
Signed-off-by: Enrico Weigelt, metux IT consult <info@metux.net>
It seems xf86bigfont hasn't been compile-tested for long time,
some includes were missing.
Note that fontstruct.h needs to come before libxfont2.h, because X11
headers tend to be not self-consistent :(
Signed-off-by: Enrico Weigelt, metux IT consult <info@metux.net>
This fixes a regression in 5499a2999 (xkb: let SendDeviceLedFBs() fill buffer instead of writing directly, 2024-07-16).
We need to write the whole buffer, and the updated length has to take
into consideration that `sz` now contains `led_len` so we need to
subtract that or properly calculate the remaining size.
Signed-off-by: Felipe Contreras <felipe.contreras@gmail.com>
Since Redhat deleted everything related to Xlibre from freedesktop.org,
the driver repos had to be moved to github.
Signed-off-by: Enrico Weigelt, metux IT consult <info@metux.net>
Nvidia has a strange habit of messing with really internal stuff,
so need to add it to the executable's symbol table.
Signed-off-by: Enrico Weigelt, metux IT consult <info@metux.net>
As long as the wfb module is still a separate shared object, this
function needs to be in the symbol table.
Signed-off-by: Enrico Weigelt, metux IT consult <info@metux.net>
Nvidia has a strange habit of messing with really internal stuff,
so need to add it to the executable's symbol table.
Signed-off-by: Enrico Weigelt, metux IT consult <info@metux.net>
Yet another temporary re-export for Nvidia's proprietary driver.
This symbol really shouldn't be used at all by drivers.
Signed-off-by: Enrico Weigelt, metux IT consult <info@metux.net>
Support having more than one auth token per namespace, so separate tokens
can be handed out to clients that are still landing in the same namespace.
Signed-off-by: Enrico Weigelt, metux IT consult <info@metux.net>
This loads the configuration (simple text file) passed via command line.
For now just supporting static configuration, that's loaded on server
startup.
Signed-off-by: Enrico Weigelt, metux IT consult <info@metux.net>
Filter property access. Right now just allowed inside same namespace,
or when caller is in root namespace.
Signed-off-by: Enrico Weigelt, metux IT consult <info@metux.net>
Whitelisting some XI operations in various hooks.
Note that some additional filtering needs to be done in send or
receive hook in order to prevent clients to receive possibly sensible
input data from the root window.
Signed-off-by: Enrico Weigelt, metux IT consult <info@metux.net>
Filter message sending by clients. Only sending within the same
namespace is allowed (except for clients in a NS with superpowers,
e.g. root)
Signed-off-by: Enrico Weigelt, metux IT consult <info@metux.net>
Filter device access, whitelist several commonly used operations that
should be safe (eg. query keyboard layout).
Signed-off-by: Enrico Weigelt, metux IT consult <info@metux.net>
CreateWindow() needs access to root window, in order to create
top level windows. Whitelisting this operation.
Signed-off-by: Enrico Weigelt, metux IT consult <info@metux.net>
Whitelist several extension calls that are safe. Also allow namespaces
to be configured for unrestricted access.
TBD: doesn't actually reject yet
Signed-off-by: Enrico Weigelt, metux IT consult <info@metux.net>
Only namespaces with allowMouseOption flag enabled can receive
raw mouse motion events. Raw key press events are always blocked.
Signed-off-by: Enrico Weigelt, metux IT consult <info@metux.net>
Redirecting access to root window properties to the per-namespace
virtual root windows. This isolates a lot of communication via root
window, e.g. the cut buffers.
Signed-off-by: Enrico Weigelt, metux IT consult <info@metux.net>
For each namespace creating a fake (invisible) root window, which can be
used for storing per-namespace properties (eg. cut buffers), etc.
Signed-off-by: Enrico Weigelt, metux IT consult <info@metux.net>
Selection names (as seen by the client) are internally prefixed with the
namespace ID, so each client can only access those within it's namespace.
If a client within namespace "foo" want's to operate on "PRIMARY",
it actually will be doing so on "<foo>PRIMARY", w/o ever noticing it.
Events will sent back to the client still pointing to "PRIMARY".
Signed-off-by: Enrico Weigelt, metux IT consult <info@metux.net>
Adding data structure and initial data for namespace configuration.
Built-in namespaces are ROOT and ANONYMOUS.
Signed-off-by: Enrico Weigelt, metux IT consult <info@metux.net>
Add tiny skeleton for the namespace extension. Disabled by default,
can be enabled via +extension arg, but doesn't actually do something yet.
Signed-off-by: Enrico Weigelt, metux IT consult <info@metux.net>
When looking up the window to select on and security hook returns
BadAccess, the request is just silently ignored, instead of rejected.
This way, security hook can prevent untrusted clients to listen on
arbitrary windows, without the client even noticing. The client won't
get this BadAccess error, but instead thinking everything's fine,
just not getting the actual events.
Signed-off-by: Enrico Weigelt, metux IT consult <info@metux.net>
Simplify cases where callers need to check whether an entry already is
in a list before adding / appending.
Signed-off-by: Enrico Weigelt, metux IT consult <info@metux.net>
This function walks through the list and checks whether an entry is already
present. This check sometimes is neccessary, since trying to add an entry
twice has catastrophic consequences: iteration will become endless loop.
Signed-off-by: Enrico Weigelt, metux IT consult <info@metux.net>
Up until now, xorg_list's always need to be explicitly initialized by
calling xorg_list_init(), otherwise next access attempt will segfault.
This is adding extra complexity and risk of subtle bugs.
Adding some extra NULL check are trivial and their cost is so tiny
that it's even hard to practically measure.
Signed-off-by: Enrico Weigelt, metux IT consult <info@metux.net>
This helper checks whether a given XID belongs to some screen's
root window. It does so by looking up the window and comparing that
with the window's screen's root window pointer. The resource lookup
is intentionally being on behalf of the serverClient, so the fired
XACE hook doesn't treat it as an actual client's request.
It's explicitly designed for being used by callback handlers.
Signed-off-by: Enrico Weigelt, metux IT consult <info@metux.net>
Add a little helper that's looking up the ClientPtr to the client
of the owner of given XID. The lookup is solely done on the ID space,
the actual resource doesn't even need to exist.
Signed-off-by: Enrico Weigelt, metux IT consult <info@metux.net>
Add hooks for filtering and fully rewrite rewrite selection requests
and events (what existing XACE hooks cannot do), e.g. for supporting
separate selection name spaces.
The hook can change individual fields in the parameter struct, so
operation continues with these changed values (eg. replace the original
selection name atom by a different one). It's also possible to stop
operations completely (with given result code) - in that case the
hook needs to take care of the remaining work to do (eg. sending events)
Signed-off-by: Enrico Weigelt, metux IT consult <info@metux.net>
This hook allows extensions to intercept client requests for changing
window attributes. It can either change the parameters or skip the
entire call (eg. handle all itself) so just the hook provided result
code is returned to the client.
Signed-off-by: Enrico Weigelt, metux IT consult <info@metux.net>
Enrico Weigelt, metux IT consult
Thomas Debesse
catfromplan9
Felipe Contreras