Backport 3 patches to fix CVE-2017-10971:
In the X.Org X server before 2017-06-19, a user authenticated to an X
Session could crash or execute code in the context of the X Server by
exploiting a stack overflow in the endianness conversion of X Events.
Reference:
https://nvd.nist.gov/vuln/detail/CVE-2017-10971
(From OE-Core rev: 20428f660f2c046c63bbf63c4e4af95dac9f2b3d)
(From OE-Core rev: 8c42a9508bded870d1ac018e2cfa129772983c52)
Signed-off-by: Jackie Huang <jackie.huang@windriver.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
Signed-off-by: Armin Kuster <akuster808@gmail.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
Commit 6a5a4e60373c1386b311b2a8bb666c32d68a9d99 removes the configure of
useSIGIO option:
xfree86 SIGIO support is reworked to use internal versions of
OsBlockSIGIO and OsReleaseSIGIO
The check for useSIGIO is no longer needed.
(From OE-Core rev: 5ed1bc5b4dadc74f1db52179238fbbd145a59043)
Signed-off-by: Tom Hochstein <tom.hochstein@nxp.com>
Signed-off-by: Ross Burton <ross.burton@intel.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
Discovered on beaglebone black
(From OE-Core rev: 21fcb42d97e90eb76283b69ab876729f4cee7ad7)
Signed-off-by: Andreas Müller <schnitzeltony@googlemail.com>
Signed-off-by: Ross Burton <ross.burton@intel.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* xserver depends on xfont2 now.
* xwayland support requires wayland-scanner: Add patch to find
wayland-scanner and protocol files while cross-compiling.
* patch MONOTONIC_CLOCK check so it works when cross-compiling
(otherwise we always end with no monotonic clock and xwayland
compile fails)
* Add vardepsexclude for MACHINE to ensure consistent hashes (RB)
(From OE-Core rev: f9c2b4284fafaa8998bbd2a6f443b0b7b98dafaa)
Signed-off-by: Jussi Kukkonen <jussi.kukkonen@intel.com>
Signed-off-by: Ross Burton <ross.burton@intel.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* drm-version patch was applied mainline
* libsystemd was solved similar to patch upstream
* glamor was enhanced twice by Eric Anholt and makes vc4 work on Raspberry Pi
* glamor does not link against libegl but won't work without libegl
(From OE-Core rev: 7fc6e5e816434fb6e35c137d5440b92a1cc4d9c2)
Signed-off-by: Andreas Müller <schnitzeltony@googlemail.com>
Signed-off-by: Ross Burton <ross.burton@intel.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
This fixes the check of the libdrm version in the configure script.
(From OE-Core rev: 2312eb1b6da67c2c7e8c968db55d99472ac29b49)
Signed-off-by: Johannes Pointner <johannes.pointner@gmail.com>
Signed-off-by: Ross Burton <ross.burton@intel.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
inb/outb are implemented for ARM on glibc but not on linux in general
therefore the conditional has to reflect that
(From OE-Core rev: 8920e520b58118c72c68e739c780efd71c1650d3)
Signed-off-by: Khem Raj <raj.khem@gmail.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* Remove glibc-guard patch: xserver no longer uses termio.h on linux
in any case.
* Remove "--enable-glx-tls": this hasn't done anything since glapi
was separated from glx
* Note that xserver no longer installs evdev configuration
(evdev and/or libinput should do it instead)
* Add patch to check for libsystemd correctly
* Add PACKAGECONFIG for libsystemd
(From OE-Core rev: 9057678e75ec09af081b27d5935907ec955c3664)
Signed-off-by: Jussi Kukkonen <jussi.kukkonen@intel.com>
Signed-off-by: Ross Burton <ross.burton@intel.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
Fixes CVE-2015-3164 in Xwayland.
Remove unnecessary patches:
* fix_open_max_preprocessor_error.patch is no longer needed:
OPEN_MAX is defined in every case now
* xorg-CVE-2013-6424.patch was handled in pixman several releases ago
* other removed patches are included in 1.17.2
(From OE-Core rev: 1d35231d666baee9ac4aaeb482371f3c71998c76)
Signed-off-by: Jussi Kukkonen <jussi.kukkonen@intel.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
When falling back to the VESA server, X fails to start due to an error
reading the int10 vec.
We cherry-pick the following commit to fix the error:
commit 0a78b599b34cc8b5fe6fe82f90e90234e8ab7a56
Author: Jürg Billeter <j@bitron.ch>
Date: Sat Feb 7 18:13:21 2015 +0100
int10: Fix error check for pci_device_map_legacy
pci_device_map_legacy returns 0 on success.
Signed-off-by: Jürg Billeter <j@bitron.ch>
Reviewed-by: Adam Jackson <ajax@redhat.com>
Signed-off-by: Peter Hutterer <peter.hutterer@who-t.net>
(From OE-Core rev: e1570e12f92bf359ef34d0e2998b09981bcece18)
Signed-off-by: Bruce Ashfield <bruce.ashfield@windriver.com>
Signed-off-by: Ross Burton <ross.burton@intel.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* Increase OELAYOUT_ABI: this is required because the
xf86-video-modesetting package moves from its own recipe to
xserver-xorg and sanity check cannot handle that currently.
The upgrade will delete old xf86-video-modesetting files from
sysroots.
* Remove upstreamed xserver-xorg patches
* Remove xf86-video-modesetting recipe: the driver is now included in
xserver-xorg recipe, which now produces the xf86-video-modesetting
package. The package version changes from 0.9 to 1.17.1
* Update xserver-xorg license checksum: modesetting license
info (another MIT one) has been added to the file
(From OE-Core rev: 950846d019ffac21909a96d90af8cf7e5bdd5738)
Signed-off-by: Jussi Kukkonen <jussi.kukkonen@intel.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
Upstream has already fixed the GCC 5 problem, so use the patch from upstream.
(From OE-Core rev: 15b39bfbb1a0263ac194a9833175b72ab7345ebd)
Signed-off-by: Ross Burton <ross.burton@intel.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
Backport a patch from fedora details are in patch header
Change-Id: I6b8dfaae3b751071bf8b0d88b15a4f95c19877f6
(From OE-Core rev: 100ab2578bd2025aed940fddce467a4606962695)
Signed-off-by: Khem Raj <raj.khem@gmail.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
Updated x11-server packages fix security vulnerability:
Olivier Fourdan from Red Hat has discovered a protocol handling issue in
the way the X server code base handles the XkbSetGeometry request, where
the server trusts the client to send valid string lengths. A malicious
client with string lengths exceeding the request length can cause the server
to copy adjacent memory data into the XKB structs. This data is then
available to the client via the XkbGetGeometry request. This can lead to
information disclosure issues, as well as possibly a denial of service if a
similar request can cause the server to crash (CVE-2015-0255).
(From OE-Core rev: 564e2f9732ac4318bb5923dd1ff771514c9afd2f)
Signed-off-by: Li Zhou <li.zhou@windriver.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
On shutdown xserver was closing connections that were already closed, resulting
in a segfault.
(From OE-Core rev: 04ffd02a14f5e0cd2ce0288b589d4c4a0120e2f4)
Signed-off-by: Ross Burton <ross.burton@intel.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
Add PACKAGECONFIG systemd, xserver-xorg now depends in dbus because
adds support for systemd-logind, dbus is used by xserver-xorg to
communicate with systemd.
Add conditional enablement of systemd-logind if DISTRO_FEATURES contains
systemd.
Remove crosscompile, mips64-compile and present-module because are already
in upstream.
(From OE-Core rev: 4c33baa4a95aee26c6bf6fd0c7ec827ff63a9e62)
Signed-off-by: Aníbal Limón <anibal.limon@linux.intel.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
The DRI3 and Present modules are built-in but some drivers (such as
xf86-video-intel) want to query their presence. Backport a patch from upstream
to stop this causing an error.
[ YOCTO #6583 ]
(From OE-Core rev: d7bb1d8b1a7cd11895037b7984b9aa916efa9733)
Signed-off-by: Ross Burton <ross.burton@intel.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
Patch aarch64.patch adds aarch64 support for xserver-xorg 1.13.1 in
header file servermd.h. And aarch64 is supported in version 1.15.1
already and the patch causes redefine error.
So remove aarch64.patch.
(From OE-Core rev: 2d8700bf2250ff4975dad51ee32e8d520fc14a11)
Signed-off-by: Kai Kang <kai.kang@windriver.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
Add a PACKAGECONFIG for xshmfence. If DRI3 is enabled, xshmfence also needs to
be enabled.
[ YOCTO #6507 ]
(From OE-Core rev: ff2e96cacc116cf362d4c5dc36f1b846672f98e0)
Signed-off-by: Ross Burton <ross.burton@intel.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
Integer underflow in the xTrapezoidValid macro in render/picture.h in X.Org
allows context-dependent attackers to cause a denial of service (crash) via
a negative bottom value.
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2013-6424
(From OE-Core rev: 059dc5f4ef9bcf49cb6520f5f2ab1e739f4d42de)
Signed-off-by: Baogen Shang <baogen.shang@windriver.com>
Signed-off-by: Kai Kang <kai.kang@windriver.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
The xinerama and dixstruct patches are merged in 1.14.4, so drop them.
Also drop explicit PR statement.
(From OE-Core rev: 60973d0584e2533f0debfcd8e80c5e29beb68e37)
Signed-off-by: Ross Burton <ross.burton@intel.com>
Signed-off-by: Saul Wold <sgw@linux.intel.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* FILESEXTRAPATHS needs to be in xserver-xf86-lite_1.11.1
because in .inc we don't have ${PV} expanded yet
* crosscompile.patch macro_tweak.patch were identical
* fix_open_max_preprocessor_error.patch has only different header
# $ diff xserver-xorg/fix_open_max_preprocessor_error.patch xserver-xorg-dri/fix_open_max_preprocessor_error.patch
1c1
< Upstream-Status: Pending
---
> Upstream-Status: Inappropriate [embedded specific]
(From OE-Core rev: aaa137f54c246b61a94b62a731de67f09e688a2a)
Signed-off-by: Martin Jansa <Martin.Jansa@gmail.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* xserver-xorg is closer to upstream naming and
that's how it's named in OE-classic and meta-oe? It would make meta-oe
transition easier and better to do it now then convert meta-oe to
xserver-xf86 and then rename it back later.
(From OE-Core rev: 0b31c7200a368533df970f0efeb81e2e20c73593)
Signed-off-by: Martin Jansa <Martin.Jansa@gmail.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
Jackie Huang
Tom Hochstein
Andreas Müller
Jussi Kukkonen
Johannes Pointner
Khem Raj
Bruce Ashfield
Ross Burton
Li Zhou
Jun Zhu
Aníbal Limón
Kai Kang
Martin Jansa