diff options
author | takeshi_hoshina <takeshi_hoshina@mail.toyota.co.jp> | 2020-11-02 11:07:33 +0900 |
---|---|---|
committer | takeshi_hoshina <takeshi_hoshina@mail.toyota.co.jp> | 2020-11-02 11:07:33 +0900 |
commit | 1c7d6584a7811b7785ae5c1e378f14b5ba0971cf (patch) | |
tree | cd70a267a5ef105ba32f200aa088e281fbd85747 /external/poky/meta/recipes-graphics/xorg-xserver | |
parent | 4204309872da5cb401cbb2729d9e2d4869a87f42 (diff) |
basesystem-jjsandbox/ToshikazuOhiwa/master-jj
recipes
Diffstat (limited to 'external/poky/meta/recipes-graphics/xorg-xserver')
-rw-r--r-- | external/poky/meta/recipes-graphics/xorg-xserver/xserver-xf86-config/qemumips/xorg.conf | 39 | ||||
-rw-r--r-- | external/poky/meta/recipes-graphics/xorg-xserver/xserver-xf86-config/qemumips64/xorg.conf | 39 | ||||
-rw-r--r-- | external/poky/meta/recipes-graphics/xorg-xserver/xserver-xorg.inc | 22 | ||||
-rw-r--r-- | external/poky/meta/recipes-graphics/xorg-xserver/xserver-xorg/0001-drmmode_display.c-add-missing-mi.h-include.patch | 23 | ||||
-rw-r--r-- | external/poky/meta/recipes-graphics/xorg-xserver/xserver-xorg/0001-test-xtest-Initialize-array-with-braces.patch | 36 | ||||
-rw-r--r-- | external/poky/meta/recipes-graphics/xorg-xserver/xserver-xorg/CVE-2018-14665.patch | 62 | ||||
-rw-r--r-- | external/poky/meta/recipes-graphics/xorg-xserver/xserver-xorg/musl-arm-inb-outb.patch | 18 | ||||
-rw-r--r-- | external/poky/meta/recipes-graphics/xorg-xserver/xserver-xorg/sdksyms-no-build-path.patch | 50 | ||||
-rw-r--r-- | external/poky/meta/recipes-graphics/xorg-xserver/xserver-xorg_1.20.7.bb (renamed from external/poky/meta/recipes-graphics/xorg-xserver/xserver-xorg_1.20.1.bb) | 17 |
9 files changed, 132 insertions, 174 deletions
diff --git a/external/poky/meta/recipes-graphics/xorg-xserver/xserver-xf86-config/qemumips/xorg.conf b/external/poky/meta/recipes-graphics/xorg-xserver/xserver-xf86-config/qemumips/xorg.conf deleted file mode 100644 index 1d3c64f6..00000000 --- a/external/poky/meta/recipes-graphics/xorg-xserver/xserver-xf86-config/qemumips/xorg.conf +++ /dev/null @@ -1,39 +0,0 @@ - -Section "Files" -EndSection - -Section "Device" - Identifier "Graphics Controller" - Driver "fbdev" -EndSection - -Section "Monitor" - Identifier "Generic Monitor" - Option "DPMS" - # 1024x600 59.85 Hz (CVT) hsync: 37.35 kHz; pclk: 49.00 MHz - Modeline "1024x600_60.00" 49.00 1024 1072 1168 1312 600 603 613 624 -hsync +vsync - # 640x480 @ 60Hz (Industry standard) hsync: 31.5kHz - ModeLine "640x480" 25.2 640 656 752 800 480 490 492 525 -hsync -vsync - # 640x480 @ 72Hz (VESA) hsync: 37.9kHz - ModeLine "640x480" 31.5 640 664 704 832 480 489 491 520 -hsync -vsync - # 640x480 @ 75Hz (VESA) hsync: 37.5kHz - ModeLine "640x480" 31.5 640 656 720 840 480 481 484 500 -hsync -vsync - # 640x480 @ 85Hz (VESA) hsync: 43.3kHz - ModeLine "640x480" 36.0 640 696 752 832 480 481 484 509 -hsync -vsync -EndSection - -Section "Screen" - Identifier "Default Screen" - Device "Graphics Controller" - Monitor "Generic Monitor" - DefaultDepth 16 - SubSection "Display" - Modes "640x480" - EndSubSection -EndSection - -Section "ServerLayout" - Identifier "Default Layout" - Screen "Default Screen" - Option "AllowEmptyInput" "no" -EndSection diff --git a/external/poky/meta/recipes-graphics/xorg-xserver/xserver-xf86-config/qemumips64/xorg.conf b/external/poky/meta/recipes-graphics/xorg-xserver/xserver-xf86-config/qemumips64/xorg.conf deleted file mode 100644 index 03b94dc3..00000000 --- a/external/poky/meta/recipes-graphics/xorg-xserver/xserver-xf86-config/qemumips64/xorg.conf +++ /dev/null @@ -1,39 +0,0 @@ - -Section "Files" -EndSection - -Section "Device" - Identifier "Graphics Controller" - Driver "fbdev" -EndSection - -Section "Monitor" - Identifier "Generic Monitor" - Option "DPMS" - # 1024x600 59.85 Hz (CVT) hsync: 37.35 kHz; pclk: 49.00 MHz - Modeline "1024x600_60.00" 49.00 1024 1072 1168 1312 600 603 613 624 -hsync +vsync - # 640x480 @ 60Hz (Industry standard) hsync: 31.5kHz - ModeLine "640x480" 25.2 640 656 752 800 480 490 492 525 -hsync -vsync - # 640x480 @ 72Hz (VESA) hsync: 37.9kHz - ModeLine "640x480" 31.5 640 664 704 832 480 489 491 520 -hsync -vsync - # 640x480 @ 75Hz (VESA) hsync: 37.5kHz - ModeLine "640x480" 31.5 640 656 720 840 480 481 484 500 -hsync -vsync - # 640x480 @ 85Hz (VESA) hsync: 43.3kHz - ModeLine "640x480" 36.0 640 696 752 832 480 481 484 509 -hsync -vsync -EndSection - -Section "Screen" - Identifier "Default Screen" - Device "Graphics Controller" - Monitor "Generic Monitor" - DefaultDepth 16 - SubSection "Display" - Modes "640x480" - EndSubSection -EndSection - -Section "ServerLayout" - Identifier "Default Layout" - Screen "Default Screen" - Option "AllowEmptyInput" "no" -EndSection diff --git a/external/poky/meta/recipes-graphics/xorg-xserver/xserver-xorg.inc b/external/poky/meta/recipes-graphics/xorg-xserver/xserver-xorg.inc index 489a4285..b4f07601 100644 --- a/external/poky/meta/recipes-graphics/xorg-xserver/xserver-xorg.inc +++ b/external/poky/meta/recipes-graphics/xorg-xserver/xserver-xorg.inc @@ -18,16 +18,17 @@ INC_PR = "r8" XORG_PN = "xorg-server" SRC_URI = "${XORG_MIRROR}/individual/xserver/${XORG_PN}-${PV}.tar.bz2" +CVE_PRODUCT = "xorg-server" + S = "${WORKDIR}/${XORG_PN}-${PV}" inherit autotools pkgconfig -inherit distro_features_check +inherit features_check REQUIRED_DISTRO_FEATURES = "x11" -PROTO_DEPS = "xorgproto" LIB_DEPS = "pixman libxfont2 xtrans libxau libxext libxdmcp libdrm libxkbfile libpciaccess" -DEPENDS = "${PROTO_DEPS} ${LIB_DEPS} font-util" +DEPENDS = "xorgproto ${LIB_DEPS} font-util" # Split out some modules and extensions from the main package # These aren't needed for basic operations and only take up space: @@ -116,28 +117,30 @@ EXTRA_OECONF += "--with-fop=no \ --sysconfdir=/etc/X11 \ --localstatedir=/var \ --with-xkb-output=/var/lib/xkb \ + --with-os-name=Linux \ " OPENGL_PKGCONFIGS = "dri glx glamor dri3 xshmfence" -PACKAGECONFIG ??= "dri2 udev ${XORG_CRYPTO} \ +PACKAGECONFIG ??= "dga dri2 udev ${XORG_CRYPTO} \ ${@bb.utils.contains('DISTRO_FEATURES', 'opengl', '${OPENGL_PKGCONFIGS}', '', d)} \ ${@bb.utils.contains('DISTRO_FEATURES', 'opengl wayland', 'xwayland', '', d)} \ ${@bb.utils.contains('DISTRO_FEATURES', 'systemd', 'systemd systemd-logind', '', d)} \ " PACKAGECONFIG[udev] = "--enable-config-udev,--disable-config-udev,udev" -PACKAGECONFIG[dri] = "--enable-dri,--disable-dri,xorgproto virtual/mesa" -PACKAGECONFIG[dri2] = "--enable-dri2,--disable-dri2,xorgproto" +PACKAGECONFIG[dga] = "--enable-dga,--disable-dga" +PACKAGECONFIG[dri] = "--enable-dri,--disable-dri,virtual/mesa" +PACKAGECONFIG[dri2] = "--enable-dri2,--disable-dri2" # DRI3 requires xshmfence to also be enabled -PACKAGECONFIG[dri3] = "--enable-dri3,--disable-dri3,xorgproto" -PACKAGECONFIG[glx] = "--enable-glx,--disable-glx,xorgproto virtual/libgl virtual/libx11" +PACKAGECONFIG[dri3] = "--enable-dri3,--disable-dri3" +PACKAGECONFIG[glx] = "--enable-glx,--disable-glx,virtual/libgl virtual/libx11" PACKAGECONFIG[glamor] = "--enable-glamor,--disable-glamor,libepoxy virtual/libgbm,libegl" PACKAGECONFIG[unwind] = "--enable-libunwind,--disable-libunwind,libunwind" PACKAGECONFIG[xshmfence] = "--enable-xshmfence,--disable-xshmfence,libxshmfence" PACKAGECONFIG[xmlto] = "--with-xmlto, --without-xmlto, xmlto-native docbook-xml-dtd4-native docbook-xsl-stylesheets-native" PACKAGECONFIG[systemd-logind] = "--enable-systemd-logind=yes,--enable-systemd-logind=no,dbus," PACKAGECONFIG[systemd] = "--with-systemd-daemon,--without-systemd-daemon,systemd" -PACKAGECONFIG[xinerama] = "--enable-xinerama,--disable-xinerama,xorgproto" +PACKAGECONFIG[xinerama] = "--enable-xinerama,--disable-xinerama" PACKAGECONFIG[xwayland] = "--enable-xwayland,--disable-xwayland,wayland wayland-native wayland-protocols libepoxy" # Xorg requires a SHA1 implementation, pick one @@ -149,6 +152,7 @@ PACKAGECONFIG[gcrypt] = "--with-sha1=libgcrypt,,libgcrypt" do_install_append () { # Its assumed base-files creates this for us rmdir ${D}${localstatedir}/log/ + sed -i -e 's,${libdir}/xorg/modules,${prefix}/lib*/xorg/modules,' ${D}${mandir}/man5/xorg.conf.5 } # Add runtime provides for the ABI versions of the video and input subsystems, diff --git a/external/poky/meta/recipes-graphics/xorg-xserver/xserver-xorg/0001-drmmode_display.c-add-missing-mi.h-include.patch b/external/poky/meta/recipes-graphics/xorg-xserver/xserver-xorg/0001-drmmode_display.c-add-missing-mi.h-include.patch new file mode 100644 index 00000000..4b8e43f1 --- /dev/null +++ b/external/poky/meta/recipes-graphics/xorg-xserver/xserver-xorg/0001-drmmode_display.c-add-missing-mi.h-include.patch @@ -0,0 +1,23 @@ +From 84338444179cab7ede1252a11b66e3b8f657e6a4 Mon Sep 17 00:00:00 2001 +From: Alexander Kanavin <alex.kanavin@gmail.com> +Date: Fri, 7 Feb 2020 20:36:45 +0100 +Subject: [PATCH] drmmode_display.c: add missing mi.h include + +Upstream-Status: Pending +Signed-off-by: Alexander Kanavin <alex.kanavin@gmail.com> +--- + hw/xfree86/drivers/modesetting/drmmode_display.c | 1 + + 1 file changed, 1 insertion(+) + +diff --git a/hw/xfree86/drivers/modesetting/drmmode_display.c b/hw/xfree86/drivers/modesetting/drmmode_display.c +index e18cc37..3445cce 100644 +--- a/hw/xfree86/drivers/modesetting/drmmode_display.c ++++ b/hw/xfree86/drivers/modesetting/drmmode_display.c +@@ -46,6 +46,7 @@ + #include "xf86Crtc.h" + #include "drmmode_display.h" + #include "present.h" ++#include "mi.h" + + #include <cursorstr.h> + diff --git a/external/poky/meta/recipes-graphics/xorg-xserver/xserver-xorg/0001-test-xtest-Initialize-array-with-braces.patch b/external/poky/meta/recipes-graphics/xorg-xserver/xserver-xorg/0001-test-xtest-Initialize-array-with-braces.patch new file mode 100644 index 00000000..c0c24281 --- /dev/null +++ b/external/poky/meta/recipes-graphics/xorg-xserver/xserver-xorg/0001-test-xtest-Initialize-array-with-braces.patch @@ -0,0 +1,36 @@ +From 8a382c015cd3c69fcfc146ef03dcbf30c77ff207 Mon Sep 17 00:00:00 2001 +From: Khem Raj <raj.khem@gmail.com> +Date: Fri, 1 Mar 2019 09:47:57 -0800 +Subject: [PATCH] test/xtest: Initialize array with braces + +Fixes an error when extra warnings are enabled, this is caught with clang + +test/xtest.c:64:23: error: suggest braces around initialization of subobject [-Werror,-Wmissing-braces] + WindowRec root = {0}; + ^ + {} +1 error generated. + +Upstream-Status: Pending + +Signed-off-by: Khem Raj <raj.khem@gmail.com> +--- + test/xtest.c | 2 +- + 1 file changed, 1 insertion(+), 1 deletion(-) + +diff --git a/test/xtest.c b/test/xtest.c +index fc5e433..d7e6620 100644 +--- a/test/xtest.c ++++ b/test/xtest.c +@@ -61,7 +61,7 @@ xtest_init_devices(void) + { + ScreenRec screen = {0}; + ClientRec server_client = {0}; +- WindowRec root = {0}; ++ WindowRec root = {{0}}; + WindowOptRec optional = {0}; + + /* random stuff that needs initialization */ +-- +2.21.0 + diff --git a/external/poky/meta/recipes-graphics/xorg-xserver/xserver-xorg/CVE-2018-14665.patch b/external/poky/meta/recipes-graphics/xorg-xserver/xserver-xorg/CVE-2018-14665.patch deleted file mode 100644 index 7f6235b4..00000000 --- a/external/poky/meta/recipes-graphics/xorg-xserver/xserver-xorg/CVE-2018-14665.patch +++ /dev/null @@ -1,62 +0,0 @@ -Incorrect command-line parameter validation in the Xorg X server can lead to -privilege elevation and/or arbitrary files overwrite, when the X server is -running with elevated privileges (ie when Xorg is installed with the setuid bit -set and started by a non-root user). The -modulepath argument can be used to -specify an insecure path to modules that are going to be loaded in the X server, -allowing to execute unprivileged code in the privileged process. The -logfile -argument can be used to overwrite arbitrary files in the file system, due to -incorrect checks in the parsing of the option. - -CVE: CVE-2018-14665 -Upstream-Status: Backport -Signed-off-by: Ross Burton <ross.burton@intel.com> - -From 50c0cf885a6e91c0ea71fb49fa8f1b7c86fe330e Mon Sep 17 00:00:00 2001 -From: Matthieu Herrb <matthieu@herrb.eu> -Date: Tue, 23 Oct 2018 21:29:08 +0200 -Subject: [PATCH] Disable -logfile and -modulepath when running with elevated - privileges - -Could cause privilege elevation and/or arbitrary files overwrite, when -the X server is running with elevated privileges (ie when Xorg is -installed with the setuid bit set and started by a non-root user). - -CVE-2018-14665 - -Issue reported by Narendra Shinde and Red Hat. - -Signed-off-by: Matthieu Herrb <matthieu@herrb.eu> -Reviewed-by: Alan Coopersmith <alan.coopersmith@oracle.com> -Reviewed-by: Peter Hutterer <peter.hutterer@who-t.net> -Reviewed-by: Adam Jackson <ajax@redhat.com> ---- - hw/xfree86/common/xf86Init.c | 8 ++++++-- - 1 file changed, 6 insertions(+), 2 deletions(-) - -diff --git a/hw/xfree86/common/xf86Init.c b/hw/xfree86/common/xf86Init.c -index 6c25eda73..0f57efa86 100644 ---- a/hw/xfree86/common/xf86Init.c -+++ b/hw/xfree86/common/xf86Init.c -@@ -935,14 +935,18 @@ ddxProcessArgument(int argc, char **argv, int i) - /* First the options that are not allowed with elevated privileges */ - if (!strcmp(argv[i], "-modulepath")) { - CHECK_FOR_REQUIRED_ARGUMENT(); -- xf86CheckPrivs(argv[i], argv[i + 1]); -+ if (xf86PrivsElevated()) -+ FatalError("\nInvalid argument -modulepath " -+ "with elevated privileges\n"); - xf86ModulePath = argv[i + 1]; - xf86ModPathFrom = X_CMDLINE; - return 2; - } - if (!strcmp(argv[i], "-logfile")) { - CHECK_FOR_REQUIRED_ARGUMENT(); -- xf86CheckPrivs(argv[i], argv[i + 1]); -+ if (xf86PrivsElevated()) -+ FatalError("\nInvalid argument -logfile " -+ "with elevated privileges\n"); - xf86LogFile = argv[i + 1]; - xf86LogFileFrom = X_CMDLINE; - return 2; --- -2.18.1 diff --git a/external/poky/meta/recipes-graphics/xorg-xserver/xserver-xorg/musl-arm-inb-outb.patch b/external/poky/meta/recipes-graphics/xorg-xserver/xserver-xorg/musl-arm-inb-outb.patch deleted file mode 100644 index 4be441fb..00000000 --- a/external/poky/meta/recipes-graphics/xorg-xserver/xserver-xorg/musl-arm-inb-outb.patch +++ /dev/null @@ -1,18 +0,0 @@ -inb/outb family for arm is only implemented on glibc -so assumption across linux is wrong - -Signed-off-by: Khem Raj <raj.khem@gmail.com> -Upstream-Status: Pending -Index: xorg-server-1.18.0/hw/xfree86/common/compiler.h -=================================================================== ---- xorg-server-1.18.0.orig/hw/xfree86/common/compiler.h -+++ xorg-server-1.18.0/hw/xfree86/common/compiler.h -@@ -758,7 +758,7 @@ inl(unsigned short port) - return xf86ReadMmio32Le((void *) ioBase, port); - } - --#elif defined(__arm__) && defined(__linux__) -+#elif defined(__arm__) && defined(__GLIBC__) - - /* for Linux on ARM, we use the LIBC inx/outx routines */ - /* note that the appropriate setup via "ioperm" needs to be done */ diff --git a/external/poky/meta/recipes-graphics/xorg-xserver/xserver-xorg/sdksyms-no-build-path.patch b/external/poky/meta/recipes-graphics/xorg-xserver/xserver-xorg/sdksyms-no-build-path.patch new file mode 100644 index 00000000..be198ece --- /dev/null +++ b/external/poky/meta/recipes-graphics/xorg-xserver/xserver-xorg/sdksyms-no-build-path.patch @@ -0,0 +1,50 @@ +Upstream-Status: Backport [https://gitlab.freedesktop.org/xorg/xserver/merge_requests/253] +Signed-off-by: Ross Burton <ross.burton@intel.com> + +From ca832598d38ba55a001088b57d73c6d7261dc9a7 Mon Sep 17 00:00:00 2001 +From: Ross Burton <ross.burton@intel.com> +Date: Thu, 1 Aug 2019 15:24:51 +0100 +Subject: [PATCH] sdksyms.sh: don't embed the build path + +This script generates a header that has a comment containing the build path for +no real reason. As this source can end up deployed on targets in debug packages +this means there is both potentially sensitive information leakage about the +build environment, and a source of change for reproducible builds. +--- + hw/xfree86/sdksyms.sh | 7 +++++-- + 1 file changed, 5 insertions(+), 2 deletions(-) + +diff --git a/hw/xfree86/sdksyms.sh b/hw/xfree86/sdksyms.sh +index 39e33711d..bdf47a71a 100755 +--- a/hw/xfree86/sdksyms.sh ++++ b/hw/xfree86/sdksyms.sh +@@ -302,13 +302,16 @@ LC_ALL=C + export LC_ALL + ${CPP:-cpp} "$@" sdksyms.c > /dev/null || exit $? + ${CPP:-cpp} "$@" sdksyms.c | ${AWK:-awk} -v topdir=$topdir ' ++function basename(file) { ++ sub(".*/", "", file) ++ return file ++} + BEGIN { + sdk = 0; + print("/*"); + print(" * These symbols are referenced to ensure they"); + print(" * will be available in the X Server binary."); + print(" */"); +- printf("/* topdir=%s */\n", topdir); + print("_X_HIDDEN void *xorg_symbols[] = {"); + + printf("sdksyms.c:") > "sdksyms.dep"; +@@ -337,7 +340,7 @@ BEGIN { + # remove quotes + gsub(/"/, "", $3); + line = $2; +- header = $3; ++ header = basename($3); + if (! headers[$3]) { + printf(" \\\n %s", $3) >> "sdksyms.dep"; + headers[$3] = 1; +-- +2.20.1 + diff --git a/external/poky/meta/recipes-graphics/xorg-xserver/xserver-xorg_1.20.1.bb b/external/poky/meta/recipes-graphics/xorg-xserver/xserver-xorg_1.20.7.bb index 9fd2e8d8..998b98a7 100644 --- a/external/poky/meta/recipes-graphics/xorg-xserver/xserver-xorg_1.20.1.bb +++ b/external/poky/meta/recipes-graphics/xorg-xserver/xserver-xorg_1.20.7.bb @@ -1,12 +1,15 @@ require xserver-xorg.inc -SRC_URI += "file://musl-arm-inb-outb.patch \ - file://0001-xf86pciBus.c-use-Intel-ddx-only-for-pre-gen4-hardwar.patch \ - file://pkgconfig.patch \ - file://CVE-2018-14665.patch \ - " -SRC_URI[md5sum] = "e525846d1d0af5732ba835f2e2ec066d" -SRC_URI[sha256sum] = "59c99fe86fe75b8164c6567bfc6e982aecc2e4a51e6fbac1b842d5d00549e918" +SRC_URI += "file://0001-xf86pciBus.c-use-Intel-ddx-only-for-pre-gen4-hardwar.patch \ + file://pkgconfig.patch \ + file://0001-test-xtest-Initialize-array-with-braces.patch \ + file://sdksyms-no-build-path.patch \ + file://0001-drmmode_display.c-add-missing-mi.h-include.patch \ + " +SRC_URI[md5sum] = "d2e96355ad47244c675bce38db2b48a9" +SRC_URI[sha256sum] = "bd5986f010f34f5b3d6bc99fe395ecb1e0dead15a26807e0c832701809a06ea1" + +CFLAGS += "-fcommon" # These extensions are now integrated into the server, so declare the migration # path for in-place upgrades. |