*Background*
Patch 120094-22, may cause performance degradation of CPU and system
become unresposive when Trusted Extension or Accessibility is turned
on. Fixes of CR 6769901 are not appropriate should be corrected with CR
6839026, on all the x86 and SPARC machine .
When a machine is patched with 120094-22, Symptoms are as follows.
a) When screen is locked and Accessibility is turned on, popup window
might make x86/SPARC machine unresponsive.
b) When screen is locked and Trusted Extension is turned on, may cause
performance degradation of CPU. [tx] Xsun chews cpu and console appear
to be hung.
*What we have fixied*
Xsun is consuming 100% cpu cycle with trusted path because of CR6769901
Also we found, with accessibility, cpu consumption goes to 100%
*Code fixes are*
1) I have moved previous fix to right place in 'if else' block.
2) added the check for password dialog. Because restacking of password
dialog should happen, only, when screen is locked
3) added the check for accessibility. When accessibility is turned on,
pop up window will appear through screen saver
4)Also turn off listening of configurNotify and visibility events in
screen savers, when restacking of password dialog is happening. This
will fix the looping problem of visibility events.
*Testing *
1)We have done good amount of testing with Trusted path.
2) we have also tested on Xsun, Xorg and Xnewt
*limitations*
Popup windows will come through screen saver when ally is on. Fixes of
CR #6839026 are imcomplete and security breach is happening when
accessiblity is turned on. Solaris 8,9 10 and nevada for both sparc and
X86 platforms are impacted. For detail please check CR 6875930.
Fixes of CR#6839026 re-introduces the security issue which was fixed in
CR6769901, because right now we do not have any simple solutions that
will allow only good popup windows[ GOK and MAG window] and stop all the
evil popup windows from Thunderbirds when screen is locked and
Accessibility is turned on.
We are not using the login-helper interface that Alan suggested because
it was too difficult at this time to figure out how to get xscreensaver
to use it. The code changes that we are making are in the xscreensaver
code and not xscreensaver-lock code where previous login-helper changes
were made. We are no worse off than before our changes when A11y is
enabled. Without the at_enabled check, when a11y is enabled, the
accessibility helpers would not be able to get above the xscreensaver
blank screen which is a serious regression so at minimum, the at_enabled
check is needed for a11y issue.
It is not easy to give any quick solution for security breach when
accessibility is on, in short time. We will address complete fix with
login-helper changes, in S10U9. I think, showing popup window is better
than machine becoming unresponsive for time being.
I am including svn diff of repository trunk/vermillion.
Index: ChangeLog
===================================================================
--- ChangeLog (revision 19104)
+++ ChangeLog (working copy)
@@ -1,3 +1,9 @@
+2009-08-24 Arvind Umrao <arvind.umrao at sun.com>
+
+ * SUNWxscreensaver.spec, patches/xscreensaver-48-bug-6839026.diff:
+ Patch for bugster CR #6839026. Regression in screensaver may cause
Performance Degradation and make locked screensaver unresponsive.
+
+
2009-08-20 Ke Wang <ke.wang at sun.com>
* SUNWgnome-spell.spec:
* base-specs/enchant.spec:
Index: patches/xscreensaver-48-bug-6839026.diff
===================================================================
--- patches/xscreensaver-48-bug-6839026.diff (revision 0)
+++ patches/xscreensaver-48-bug-6839026.diff (revision 0)
@@ -0,0 +1,77 @@
+--- xscreensaver-5.01/driver/lock.c_org 2009-08-21
11:45:14.099217000 +0530
++++ xscreensaver-5.01/driver/lock.c 2009-08-24 09:45:16.841888000 +0530
+@@ -2139,36 +2139,6 @@ passwd_event_loop (saver_info *si)
+ }
+ }
+
+- //bugid 6769901: popup windows appearing through xscreensaver
+- //code to stop popup windows while screen is locked
+- //Raise the screen saver window and then the password dialog
window
+- if (event.xany.type == VisibilityNotify || event.xany.type ==
ConfigureNotify || event.xany.type == CreateNotify)
+- {
+- int screen;
+- for (screen = 0; screen < si->nscreens; screen++)
+- {
+- if(si->passwd_dialog)
+- {
+- saver_screen_info *ssi =
&si->screens[screen];
+- if(screen==0)
+- {
+- Window screen_win[2] = {
+- si->passwd_dialog,
+- ssi->screensaver_window
+- };
+- XRestackWindows(si->dpy,
screen_win, 2);
+-
XMapRaised(si->dpy,si->passwd_dialog);
+- XFlush(si->dpy);
+- }
+- else
+- {
+-
XMapRaised(si->dpy,ssi->screensaver_window);
+- XFlush(si->dpy);
+- }
+- }
+- }
+- }
+-
+ #else /* !HAVE_XSCREENSAVER_LOCK */
+ if (event.xany.window == si->passwd_dialog && event.xany.type ==
Expose)
+ draw_passwd_window (si);
+@@ -2240,6 +2210,37 @@ for (ii = 0; ii < 4; ii++)
+ }
+ /* the above new code for restacking under the conidtion
+ */
++
++/*bugid 6769901,6839026
++popup windows appearing through xscreensaver
++code to stop popup windows while screen is locked
++Raise the screen saver window and then the password dialog window */
++ else if( !at_enabled && si->passwd_dialog
++ && (event.xany.type == VisibilityNotify
++ || event.xany.type == ConfigureNotify
++ || event.xany.type == CreateNotify))
++ {
++ int screen;
++ for (screen = 0; screen < si->nscreens; screen++)
++ {
++ saver_screen_info *ssi = &si->screens[screen];
++ if(event.xany.window && (event.xany.window !=
ssi->screensaver_window ) && (event.xany.window != si->passwd_dialog))
++ {
++ if(screen==0)
++ {
++ Window screen_win[2] =
{si->passwd_dialog,ssi->screensaver_window};
++ XRestackWindows(si->dpy, screen_win, 2);
++ XMapRaised(si->dpy,si->passwd_dialog);
++ XFlush(si->dpy);
++ }
++ else /* screeen where we do not have password
dialog */
++ {
++ XMapRaised(si->dpy,ssi->screensaver_window);
++ XFlush(si->dpy);
++ }
++ }
++ }
++ }
+ else
+ {
+ /*
Index: SUNWxscreensaver.spec
===================================================================
--- SUNWxscreensaver.spec (revision 19104)
+++ SUNWxscreensaver.spec (working copy)
@@ -149,6 +149,8 @@
Patch46: xscreensaver-46-bug-6857559.diff
# date:2009-07-31 owner:bp230705 type:bug bugster:6859039
Patch47: xscreensaver-47-bug-6859039.diff
+# date:2009-08-24 owner:au230626 type:bug bugster:6839026
+Patch48: xscreensaver-48-bug-6839026.diff
# date:2008-03-07 owner:alanc type:branding
Patch101: rss-glx-101-matrixview.diff
@@ -327,6 +329,7 @@
%patch45 -p1
%patch46 -p1
%patch47 -p1
+%patch48 -p1
chmod a+x install-sh configure
@@ -653,3 +656,5 @@
- rename patches from *.patch to *.diff
* Fri Jul 17 2009 - alan.coopersmith at sun.com
- initial version (moved from X gate)
+* Mon Aug 24 2009 - arvind.umrao at sun.com
+- Patch for bugster CR #6839026. Regression in screensaver may cause
Performance Degradation and make locked screensaver unresponsive.
