summaryrefslogtreecommitdiffstats
path: root/external/poky/meta/recipes-graphics/xorg-xserver/xserver-xorg
diff options
context:
space:
mode:
Diffstat (limited to 'external/poky/meta/recipes-graphics/xorg-xserver/xserver-xorg')
-rw-r--r--external/poky/meta/recipes-graphics/xorg-xserver/xserver-xorg/0001-drmmode_display.c-add-missing-mi.h-include.patch23
-rw-r--r--external/poky/meta/recipes-graphics/xorg-xserver/xserver-xorg/0001-test-xtest-Initialize-array-with-braces.patch36
-rw-r--r--external/poky/meta/recipes-graphics/xorg-xserver/xserver-xorg/CVE-2018-14665.patch62
-rw-r--r--external/poky/meta/recipes-graphics/xorg-xserver/xserver-xorg/musl-arm-inb-outb.patch18
-rw-r--r--external/poky/meta/recipes-graphics/xorg-xserver/xserver-xorg/sdksyms-no-build-path.patch50
5 files changed, 109 insertions, 80 deletions
diff --git a/external/poky/meta/recipes-graphics/xorg-xserver/xserver-xorg/0001-drmmode_display.c-add-missing-mi.h-include.patch b/external/poky/meta/recipes-graphics/xorg-xserver/xserver-xorg/0001-drmmode_display.c-add-missing-mi.h-include.patch
new file mode 100644
index 00000000..4b8e43f1
--- /dev/null
+++ b/external/poky/meta/recipes-graphics/xorg-xserver/xserver-xorg/0001-drmmode_display.c-add-missing-mi.h-include.patch
@@ -0,0 +1,23 @@
+From 84338444179cab7ede1252a11b66e3b8f657e6a4 Mon Sep 17 00:00:00 2001
+From: Alexander Kanavin <alex.kanavin@gmail.com>
+Date: Fri, 7 Feb 2020 20:36:45 +0100
+Subject: [PATCH] drmmode_display.c: add missing mi.h include
+
+Upstream-Status: Pending
+Signed-off-by: Alexander Kanavin <alex.kanavin@gmail.com>
+---
+ hw/xfree86/drivers/modesetting/drmmode_display.c | 1 +
+ 1 file changed, 1 insertion(+)
+
+diff --git a/hw/xfree86/drivers/modesetting/drmmode_display.c b/hw/xfree86/drivers/modesetting/drmmode_display.c
+index e18cc37..3445cce 100644
+--- a/hw/xfree86/drivers/modesetting/drmmode_display.c
++++ b/hw/xfree86/drivers/modesetting/drmmode_display.c
+@@ -46,6 +46,7 @@
+ #include "xf86Crtc.h"
+ #include "drmmode_display.h"
+ #include "present.h"
++#include "mi.h"
+
+ #include <cursorstr.h>
+
diff --git a/external/poky/meta/recipes-graphics/xorg-xserver/xserver-xorg/0001-test-xtest-Initialize-array-with-braces.patch b/external/poky/meta/recipes-graphics/xorg-xserver/xserver-xorg/0001-test-xtest-Initialize-array-with-braces.patch
new file mode 100644
index 00000000..c0c24281
--- /dev/null
+++ b/external/poky/meta/recipes-graphics/xorg-xserver/xserver-xorg/0001-test-xtest-Initialize-array-with-braces.patch
@@ -0,0 +1,36 @@
+From 8a382c015cd3c69fcfc146ef03dcbf30c77ff207 Mon Sep 17 00:00:00 2001
+From: Khem Raj <raj.khem@gmail.com>
+Date: Fri, 1 Mar 2019 09:47:57 -0800
+Subject: [PATCH] test/xtest: Initialize array with braces
+
+Fixes an error when extra warnings are enabled, this is caught with clang
+
+test/xtest.c:64:23: error: suggest braces around initialization of subobject [-Werror,-Wmissing-braces]
+ WindowRec root = {0};
+ ^
+ {}
+1 error generated.
+
+Upstream-Status: Pending
+
+Signed-off-by: Khem Raj <raj.khem@gmail.com>
+---
+ test/xtest.c | 2 +-
+ 1 file changed, 1 insertion(+), 1 deletion(-)
+
+diff --git a/test/xtest.c b/test/xtest.c
+index fc5e433..d7e6620 100644
+--- a/test/xtest.c
++++ b/test/xtest.c
+@@ -61,7 +61,7 @@ xtest_init_devices(void)
+ {
+ ScreenRec screen = {0};
+ ClientRec server_client = {0};
+- WindowRec root = {0};
++ WindowRec root = {{0}};
+ WindowOptRec optional = {0};
+
+ /* random stuff that needs initialization */
+--
+2.21.0
+
diff --git a/external/poky/meta/recipes-graphics/xorg-xserver/xserver-xorg/CVE-2018-14665.patch b/external/poky/meta/recipes-graphics/xorg-xserver/xserver-xorg/CVE-2018-14665.patch
deleted file mode 100644
index 7f6235b4..00000000
--- a/external/poky/meta/recipes-graphics/xorg-xserver/xserver-xorg/CVE-2018-14665.patch
+++ /dev/null
@@ -1,62 +0,0 @@
-Incorrect command-line parameter validation in the Xorg X server can lead to
-privilege elevation and/or arbitrary files overwrite, when the X server is
-running with elevated privileges (ie when Xorg is installed with the setuid bit
-set and started by a non-root user). The -modulepath argument can be used to
-specify an insecure path to modules that are going to be loaded in the X server,
-allowing to execute unprivileged code in the privileged process. The -logfile
-argument can be used to overwrite arbitrary files in the file system, due to
-incorrect checks in the parsing of the option.
-
-CVE: CVE-2018-14665
-Upstream-Status: Backport
-Signed-off-by: Ross Burton <ross.burton@intel.com>
-
-From 50c0cf885a6e91c0ea71fb49fa8f1b7c86fe330e Mon Sep 17 00:00:00 2001
-From: Matthieu Herrb <matthieu@herrb.eu>
-Date: Tue, 23 Oct 2018 21:29:08 +0200
-Subject: [PATCH] Disable -logfile and -modulepath when running with elevated
- privileges
-
-Could cause privilege elevation and/or arbitrary files overwrite, when
-the X server is running with elevated privileges (ie when Xorg is
-installed with the setuid bit set and started by a non-root user).
-
-CVE-2018-14665
-
-Issue reported by Narendra Shinde and Red Hat.
-
-Signed-off-by: Matthieu Herrb <matthieu@herrb.eu>
-Reviewed-by: Alan Coopersmith <alan.coopersmith@oracle.com>
-Reviewed-by: Peter Hutterer <peter.hutterer@who-t.net>
-Reviewed-by: Adam Jackson <ajax@redhat.com>
----
- hw/xfree86/common/xf86Init.c | 8 ++++++--
- 1 file changed, 6 insertions(+), 2 deletions(-)
-
-diff --git a/hw/xfree86/common/xf86Init.c b/hw/xfree86/common/xf86Init.c
-index 6c25eda73..0f57efa86 100644
---- a/hw/xfree86/common/xf86Init.c
-+++ b/hw/xfree86/common/xf86Init.c
-@@ -935,14 +935,18 @@ ddxProcessArgument(int argc, char **argv, int i)
- /* First the options that are not allowed with elevated privileges */
- if (!strcmp(argv[i], "-modulepath")) {
- CHECK_FOR_REQUIRED_ARGUMENT();
-- xf86CheckPrivs(argv[i], argv[i + 1]);
-+ if (xf86PrivsElevated())
-+ FatalError("\nInvalid argument -modulepath "
-+ "with elevated privileges\n");
- xf86ModulePath = argv[i + 1];
- xf86ModPathFrom = X_CMDLINE;
- return 2;
- }
- if (!strcmp(argv[i], "-logfile")) {
- CHECK_FOR_REQUIRED_ARGUMENT();
-- xf86CheckPrivs(argv[i], argv[i + 1]);
-+ if (xf86PrivsElevated())
-+ FatalError("\nInvalid argument -logfile "
-+ "with elevated privileges\n");
- xf86LogFile = argv[i + 1];
- xf86LogFileFrom = X_CMDLINE;
- return 2;
---
-2.18.1
diff --git a/external/poky/meta/recipes-graphics/xorg-xserver/xserver-xorg/musl-arm-inb-outb.patch b/external/poky/meta/recipes-graphics/xorg-xserver/xserver-xorg/musl-arm-inb-outb.patch
deleted file mode 100644
index 4be441fb..00000000
--- a/external/poky/meta/recipes-graphics/xorg-xserver/xserver-xorg/musl-arm-inb-outb.patch
+++ /dev/null
@@ -1,18 +0,0 @@
-inb/outb family for arm is only implemented on glibc
-so assumption across linux is wrong
-
-Signed-off-by: Khem Raj <raj.khem@gmail.com>
-Upstream-Status: Pending
-Index: xorg-server-1.18.0/hw/xfree86/common/compiler.h
-===================================================================
---- xorg-server-1.18.0.orig/hw/xfree86/common/compiler.h
-+++ xorg-server-1.18.0/hw/xfree86/common/compiler.h
-@@ -758,7 +758,7 @@ inl(unsigned short port)
- return xf86ReadMmio32Le((void *) ioBase, port);
- }
-
--#elif defined(__arm__) && defined(__linux__)
-+#elif defined(__arm__) && defined(__GLIBC__)
-
- /* for Linux on ARM, we use the LIBC inx/outx routines */
- /* note that the appropriate setup via "ioperm" needs to be done */
diff --git a/external/poky/meta/recipes-graphics/xorg-xserver/xserver-xorg/sdksyms-no-build-path.patch b/external/poky/meta/recipes-graphics/xorg-xserver/xserver-xorg/sdksyms-no-build-path.patch
new file mode 100644
index 00000000..be198ece
--- /dev/null
+++ b/external/poky/meta/recipes-graphics/xorg-xserver/xserver-xorg/sdksyms-no-build-path.patch
@@ -0,0 +1,50 @@
+Upstream-Status: Backport [https://gitlab.freedesktop.org/xorg/xserver/merge_requests/253]
+Signed-off-by: Ross Burton <ross.burton@intel.com>
+
+From ca832598d38ba55a001088b57d73c6d7261dc9a7 Mon Sep 17 00:00:00 2001
+From: Ross Burton <ross.burton@intel.com>
+Date: Thu, 1 Aug 2019 15:24:51 +0100
+Subject: [PATCH] sdksyms.sh: don't embed the build path
+
+This script generates a header that has a comment containing the build path for
+no real reason. As this source can end up deployed on targets in debug packages
+this means there is both potentially sensitive information leakage about the
+build environment, and a source of change for reproducible builds.
+---
+ hw/xfree86/sdksyms.sh | 7 +++++--
+ 1 file changed, 5 insertions(+), 2 deletions(-)
+
+diff --git a/hw/xfree86/sdksyms.sh b/hw/xfree86/sdksyms.sh
+index 39e33711d..bdf47a71a 100755
+--- a/hw/xfree86/sdksyms.sh
++++ b/hw/xfree86/sdksyms.sh
+@@ -302,13 +302,16 @@ LC_ALL=C
+ export LC_ALL
+ ${CPP:-cpp} "$@" sdksyms.c > /dev/null || exit $?
+ ${CPP:-cpp} "$@" sdksyms.c | ${AWK:-awk} -v topdir=$topdir '
++function basename(file) {
++ sub(".*/", "", file)
++ return file
++}
+ BEGIN {
+ sdk = 0;
+ print("/*");
+ print(" * These symbols are referenced to ensure they");
+ print(" * will be available in the X Server binary.");
+ print(" */");
+- printf("/* topdir=%s */\n", topdir);
+ print("_X_HIDDEN void *xorg_symbols[] = {");
+
+ printf("sdksyms.c:") > "sdksyms.dep";
+@@ -337,7 +340,7 @@ BEGIN {
+ # remove quotes
+ gsub(/"/, "", $3);
+ line = $2;
+- header = $3;
++ header = basename($3);
+ if (! headers[$3]) {
+ printf(" \\\n %s", $3) >> "sdksyms.dep";
+ headers[$3] = 1;
+--
+2.20.1
+