On Tue, Feb 2, 2010 at 11:43 AM, Mike Stroyan <m...@lunarg.com> wrote:
> On Mon, Feb 1, 2010 at 7:34 PM, Chia-I Wu <olva...@gmail.com> wrote:
>> On Tue, Feb 2, 2010 at 2:49 AM, Mike Stroyan <m...@lunarg.com> wrote:
>>>  Here is a version of the patch that uses EGL_DRIVERS_PATH and checks
>>> for setuid/setgid
>>> before using EGL_DRIVER or EGL_DRIVERS_PATH.
>> The patch seems to be missing :)
> Here is the missing patch file.
The patch looks good.  But when I tried to make EGL_DRIVER and the default
driver also honor EGL_DRIVERS_PATH, it turned out that I need to overhaul both
the existing code and your patch.

I've attached my version in this mail.  It is based on your work.  Please have
a look.  If you think it looks fine, I will go ahead and commit.

-olv
From a327d358a01b8604566039251fca7e4cc55dadcb Mon Sep 17 00:00:00 2001
From: Chia-I Wu <olva...@gmail.com>
Date: Tue, 2 Feb 2010 15:34:55 +0800
Subject: [PATCH 1/3] egl: Add EGL_DRIVERS_PATH environment variable.

EGL_DRIVERS_PATH gives a list of colon-separated directories.  The given
directories will be searched when preloading drivers.

This is based on Mike Stroyan's patch, which honors the variable in
_eglPreloadDisplayDrivers.  It is extended to honor the variable also in
_eglPreloadUserDriver and _eglPreloadDefaultDriver in this version.

Signed-off-by: Chia-I Wu <olva...@gmail.com>
---
 docs/egl.html            |    9 ++
 src/egl/main/egldriver.c |  290 ++++++++++++++++++++++++++++++----------------
 2 files changed, 200 insertions(+), 99 deletions(-)

diff --git a/docs/egl.html b/docs/egl.html
index 87f7e7d..8a2ea7c 100644
--- a/docs/egl.html
+++ b/docs/egl.html
@@ -126,6 +126,15 @@ test your build.  For example,</p>
 runtime</p>
 
 <ul>
+<li><code>EGL_DRIVERS_PATH</code>
+
+<p>By default, the main library will look for drivers in the directory where
+the drivers are installed to.  This variable specifies a list of
+colon-separated directories where the main library will look for drivers, in
+addition to the default directory.</p>
+
+</li>
+
 <li><code>EGL_DRIVER</code>
 
 <p>This variable specifies a full path to an EGL driver and it forces the
diff --git a/src/egl/main/egldriver.c b/src/egl/main/egldriver.c
index 1dadbf7..139f839 100644
--- a/src/egl/main/egldriver.c
+++ b/src/egl/main/egldriver.c
@@ -25,6 +25,7 @@
 #include <dlfcn.h>
 #include <sys/types.h>
 #include <dirent.h>
+#include <unistd.h>
 #endif
 
 
@@ -55,21 +56,7 @@ close_library(HMODULE lib)
 static const char *
 library_suffix(void)
 {
-   return "dll";
-}
-
-
-static EGLBoolean
-make_library_path(char *buf, unsigned int size, const char *name)
-{
-   EGLBoolean need_suffix;
-   const char *suffix = ".dll";
-   int ret;
-
-   need_suffix = (strchr(name, '.') == NULL);
-   ret = snprintf(buf, size, "%s%s", name, (need_suffix) ? suffix : "");
-
-   return ((unsigned int) ret < size);
+   return ".dll";
 }
 
 
@@ -96,30 +83,13 @@ close_library(void *lib)
 static const char *
 library_suffix(void)
 {
-   return "so";
-}
-
-
-static EGLBoolean
-make_library_path(char *buf, unsigned int size, const char *name)
-{
-   EGLBoolean need_dir, need_suffix;
-   const char *suffix = ".so";
-   int ret;
-
-   need_dir = (strchr(name, '/') == NULL);
-   need_suffix = (strchr(name, '.') == NULL);
-
-   ret = snprintf(buf, size, "%s%s%s",
-         (need_dir) ? _EGL_DRIVER_SEARCH_DIR"/" : "", name,
-         (need_suffix) ? suffix : "");
-
-   return ((unsigned int) ret < size);
+   return ".so";
 }
 
 
 #else /* _EGL_PLATFORM_NO_OS */
 
+
 static const char DefaultDriverName[] = "builtin";
 
 typedef void *lib_handle;
@@ -143,14 +113,6 @@ library_suffix(void)
 }
 
 
-static EGLBoolean
-make_library_path(char *buf, unsigned int size, const char *name)
-{
-   int ret = snprintf(buf, size, name);
-   return ((unsigned int) ret < size);
-}
-
-
 #endif
 
 
@@ -299,6 +261,178 @@ _eglMatchDriver(_EGLDisplay *dpy)
 
 
 /**
+ * A preload function for use with _eglPreloadForEach.  The preload data is the
+ * filename of the driver.   This function stops on the first valid driver.
+ */
+static EGLBoolean
+_eglPreloadFile(const char *dir, size_t len, void *preload_data)
+{
+   _EGLDriver *drv;
+   char path[1024];
+   const char *filename = (const char *) preload_data;
+   size_t flen = strlen(filename);
+
+   /* make a full path */
+   if (len + flen + 2 > sizeof(path))
+      return EGL_TRUE;
+   if (len) {
+      memcpy(path, dir, len);
+      path[len++] = '/';
+   }
+   memcpy(path + len, filename, flen);
+   len += flen;
+   path[len] = '\0';
+
+   drv = _eglLoadDriver(path, NULL);
+   /* fix the path and load again */
+   if (!drv && library_suffix()) {
+      const char *suffix = library_suffix();
+      size_t slen = strlen(suffix);
+      const char *p;
+      EGLBoolean need_suffix;
+
+      p = filename + flen - slen;
+      need_suffix = (p < filename || strcmp(p, suffix) != 0);
+      if (need_suffix && len + slen + 1 <= sizeof(path)) {
+         strcpy(path + len, suffix);
+         drv = _eglLoadDriver(path, NULL);
+      }
+   }
+   if (!drv)
+      return EGL_TRUE;
+
+   /* remember the driver and stop */
+   _eglGlobal.Drivers[_eglGlobal.NumDrivers++] = drv;
+   return EGL_FALSE;
+}
+
+
+/**
+ * A preload function for use with _eglPreloadForEach.  The preload data is the
+ * pattern (prefix) of the files to look for.
+ */
+static EGLBoolean
+_eglPreloadPattern(const char *dir, size_t len, void *preload_data)
+{
+#if defined(_EGL_PLATFORM_POSIX)
+   const char *prefix, *suffix;
+   size_t prefix_len, suffix_len;
+   DIR *dirp;
+   struct dirent *dirent;
+   char path[1024];
+
+   if (len + 2 > sizeof(path))
+      return EGL_TRUE;
+   if (len) {
+      memcpy(path, dir, len);
+      path[len++] = '/';
+   }
+   path[len] = '\0';
+
+   dirp = opendir(path);
+   if (!dirp)
+      return EGL_TRUE;
+
+   prefix = (const char *) preload_data;
+   prefix_len = strlen(prefix);
+   suffix = library_suffix();
+   suffix_len = (suffix) ? strlen(suffix) : 0;
+
+   while ((dirent = readdir(dirp))) {
+      _EGLDriver *drv;
+      size_t dirent_len = strlen(dirent->d_name);
+      const char *p;
+
+      /* match the prefix */
+      if (strncmp(dirent->d_name, prefix, prefix_len) != 0)
+         continue;
+      /* match the suffix */
+      p = dirent->d_name + dirent_len - suffix_len;
+      if (p < dirent->d_name || strcmp(p, suffix) != 0)
+         continue;
+
+      /* make a full path and load the driver */
+      if (len + dirent_len + 1 <= sizeof(path)) {
+         strcpy(path + len, dirent->d_name);
+         drv = _eglLoadDriver(path, NULL);
+         if (drv)
+            _eglGlobal.Drivers[_eglGlobal.NumDrivers++] = drv;
+      }
+   }
+
+   closedir(dirp);
+
+   return EGL_TRUE;
+#else /* _EGL_PLATFORM_POSIX */
+   /* stop immediately */
+   return EGL_FALSE;
+#endif
+}
+
+
+/**
+ * Run the preload function on each driver directory and return the number of
+ * drivers loaded.
+ *
+ * The process may end prematurely if the callback function returns false.
+ */
+static EGLint
+_eglPreloadForEach(const char *search_path,
+                   EGLBoolean (*preload)(const char *, size_t, void *),
+                   void *preload_data)
+{
+   const char *cur, *next;
+   size_t len;
+   EGLint num_drivers = _eglGlobal.NumDrivers;
+
+   cur = search_path;
+   while (cur) {
+      next = strchr(cur, ':');
+      len = (next) ? next - cur : strlen(cur);
+
+      if (!preload(cur, len, preload_data))
+         break;
+
+      cur = (next) ? next + 1 : NULL;
+   }
+
+   return (_eglGlobal.NumDrivers - num_drivers);
+}
+
+
+/**
+ * Return a list of colon-separated driver directories.
+ */
+static const char *
+_eglGetSearchPath(void)
+{
+   static const char *search_path;
+
+#if defined(_EGL_PLATFORM_POSIX) || defined(_EGL_PLATFORM_WINDOWS)
+   if (!search_path) {
+      static char buffer[1024];
+      const char *p;
+      int ret;
+
+      p = getenv("EGL_DRIVERS_PATH");
+      if (p) {
+         ret = snprintf(buffer, sizeof(buffer),
+               "%s:%s", p, _EGL_DRIVER_SEARCH_DIR);
+         if (ret > 0 && ret < sizeof(buffer))
+            search_path = buffer;
+      }
+   }
+   if (!search_path)
+      search_path = _EGL_DRIVER_SEARCH_DIR;
+#else
+   search_path = "";
+#endif
+
+   return search_path;
+}
+
+
+/**
  * Preload a user driver.
  *
  * A user driver can be specified by EGL_DRIVER.
@@ -307,25 +441,22 @@ static EGLBoolean
 _eglPreloadUserDriver(void)
 {
 #if defined(_EGL_PLATFORM_POSIX) || defined(_EGL_PLATFORM_WINDOWS)
-   _EGLDriver *drv;
-   char path[1024];
+   const char *search_path = _eglGetSearchPath();
    char *env;
 
    env = getenv("EGL_DRIVER");
+#if defined(_EGL_PLATFORM_POSIX)
+   if (env && strchr(env, '/'))
+      search_path = "";
+#endif
    if (!env)
       return EGL_FALSE;
 
-   if (!make_library_path(path, sizeof(path), env))
-      return EGL_FALSE;
-
-   drv = _eglLoadDriver(path, NULL);
-   if (!drv) {
+   if (!_eglPreloadForEach(search_path, _eglPreloadFile, (void *) env)) {
       _eglLog(_EGL_WARNING, "EGL_DRIVER is set to an invalid driver");
       return EGL_FALSE;
    }
 
-   _eglGlobal.Drivers[_eglGlobal.NumDrivers++] = drv;
-
    return EGL_TRUE;
 #else /* _EGL_PLATFORM_POSIX || _EGL_PLATFORM_WINDOWS */
    return EGL_FALSE;
@@ -346,10 +477,9 @@ static EGLBoolean
 _eglPreloadDisplayDrivers(void)
 {
 #if defined(_EGL_PLATFORM_POSIX)
-   const char *dpy, *suffix;
-   char path[1024], prefix[32];
-   DIR *dirp;
-   struct dirent *dirent;
+   const char *dpy;
+   char prefix[32];
+   int ret;
 
    dpy = getenv("EGL_DISPLAY");
    if (!dpy || !dpy[0])
@@ -357,39 +487,12 @@ _eglPreloadDisplayDrivers(void)
    if (!dpy || !dpy[0])
       return EGL_FALSE;
 
-   snprintf(prefix, sizeof(prefix), "egl_%s_", dpy);
-   suffix = library_suffix();
-
-   dirp = opendir(_EGL_DRIVER_SEARCH_DIR);
-   if (!dirp)
+   ret = snprintf(prefix, sizeof(prefix), "egl_%s_", dpy);
+   if (ret < 0 || ret >= sizeof(prefix))
       return EGL_FALSE;
 
-   while ((dirent = readdir(dirp))) {
-      _EGLDriver *drv;
-      const char *p;
-
-      /* match the prefix */
-      if (strncmp(dirent->d_name, prefix, strlen(prefix)) != 0)
-         continue;
-
-      /* match the suffix */
-      p = strrchr(dirent->d_name, '.');
-      if ((p && !suffix) || (!p && suffix))
-         continue;
-      else if (p && suffix && strcmp(p + 1, suffix) != 0)
-         continue;
-
-      snprintf(path, sizeof(path),
-            _EGL_DRIVER_SEARCH_DIR"/%s", dirent->d_name);
-
-      drv = _eglLoadDriver(path, NULL);
-      if (drv)
-         _eglGlobal.Drivers[_eglGlobal.NumDrivers++] = drv;
-   }
-
-   closedir(dirp);
-
-   return (_eglGlobal.NumDrivers > 0);
+   return (_eglPreloadForEach(_eglGetSearchPath(),
+            _eglPreloadPattern, (void *) prefix) > 0);
 #else /* _EGL_PLATFORM_POSIX */
    return EGL_FALSE;
 #endif
@@ -402,19 +505,8 @@ _eglPreloadDisplayDrivers(void)
 static EGLBoolean
 _eglPreloadDefaultDriver(void)
 {
-   _EGLDriver *drv;
-   char path[1024];
-
-   if (!make_library_path(path, sizeof(path), DefaultDriverName))
-      return EGL_FALSE;
-
-   drv = _eglLoadDriver(path, NULL);
-   if (!drv)
-      return EGL_FALSE;
-
-   _eglGlobal.Drivers[_eglGlobal.NumDrivers++] = drv;
-
-   return EGL_TRUE;
+   return (_eglPreloadForEach(_eglGetSearchPath(),
+            _eglPreloadFile, (void *) DefaultDriverName) > 0);
 }
 
 
-- 
1.6.5

From d12e279633909d6f026421c4bc2fa52f833eceed Mon Sep 17 00:00:00 2001
From: Chia-I Wu <olva...@gmail.com>
Date: Tue, 2 Feb 2010 16:47:53 +0800
Subject: [PATCH 2/3] egl: Ignore certain environment variables when setuid/setgid.

Specifically, ignore EGL_DRIVERS_PATH when an application is
setuid/setgid.  And ignore EGL_DRIVER when there is a slash in it.

Signed-off-by: Chia-I Wu <olva...@gmail.com>
---
 docs/egl.html            |    5 +++--
 src/egl/main/egldriver.c |   18 ++++++++++++++++--
 2 files changed, 19 insertions(+), 4 deletions(-)

diff --git a/docs/egl.html b/docs/egl.html
index 8a2ea7c..30cbe0e 100644
--- a/docs/egl.html
+++ b/docs/egl.html
@@ -131,7 +131,8 @@ runtime</p>
 <p>By default, the main library will look for drivers in the directory where
 the drivers are installed to.  This variable specifies a list of
 colon-separated directories where the main library will look for drivers, in
-addition to the default directory.</p>
+addition to the default directory.  This variable is ignored for setuid/setgid
+binaries.</p>
 
 </li>
 
@@ -139,7 +140,7 @@ addition to the default directory.</p>
 
 <p>This variable specifies a full path to an EGL driver and it forces the
 specified EGL driver to be loaded.  It comes in handy when one wants to test a
-specific driver.</p>
+specific driver.  This variable is ignored for setuid/setgid binaries.</p>
 
 </li>
 
diff --git a/src/egl/main/egldriver.c b/src/egl/main/egldriver.c
index 139f839..0ccdea7 100644
--- a/src/egl/main/egldriver.c
+++ b/src/egl/main/egldriver.c
@@ -415,6 +415,14 @@ _eglGetSearchPath(void)
       int ret;
 
       p = getenv("EGL_DRIVERS_PATH");
+#if defined(_EGL_PLATFORM_POSIX)
+      if (p && (geteuid() != getuid() || getegid() != getgid())) {
+         _eglLog(_EGL_DEBUG,
+               "ignore EGL_DRIVERS_PATH for setuid/setgid binaries");
+         p = NULL;
+      }
+#endif /* _EGL_PLATFORM_POSIX */
+
       if (p) {
          ret = snprintf(buffer, sizeof(buffer),
                "%s:%s", p, _EGL_DRIVER_SEARCH_DIR);
@@ -446,9 +454,15 @@ _eglPreloadUserDriver(void)
 
    env = getenv("EGL_DRIVER");
 #if defined(_EGL_PLATFORM_POSIX)
-   if (env && strchr(env, '/'))
+   if (env && strchr(env, '/')) {
       search_path = "";
-#endif
+      if ((geteuid() != getuid() || getegid() != getgid())) {
+         _eglLog(_EGL_DEBUG,
+               "ignore EGL_DRIVER for setuid/setgid binaries");
+         env = NULL;
+      }
+   }
+#endif /* _EGL_PLATFORM_POSIX */
    if (!env)
       return EGL_FALSE;
 
-- 
1.6.5

From dd2764c2fafc11a02904488297efffa2915a0e3b Mon Sep 17 00:00:00 2001
From: Chia-I Wu <olva...@gmail.com>
Date: Tue, 2 Feb 2010 17:05:56 +0800
Subject: [PATCH 3/3] egl: Remove unnecessary #ifdef's.

There were some refactorings with the addition of EGL_DRIVERS_PATH.
They made some platform #ifdef's unnecessary.

Signed-off-by: Chia-I Wu <olva...@gmail.com>
---
 src/egl/main/egldriver.c |    8 --------
 1 files changed, 0 insertions(+), 8 deletions(-)

diff --git a/src/egl/main/egldriver.c b/src/egl/main/egldriver.c
index 0ccdea7..8e623a0 100644
--- a/src/egl/main/egldriver.c
+++ b/src/egl/main/egldriver.c
@@ -448,7 +448,6 @@ _eglGetSearchPath(void)
 static EGLBoolean
 _eglPreloadUserDriver(void)
 {
-#if defined(_EGL_PLATFORM_POSIX) || defined(_EGL_PLATFORM_WINDOWS)
    const char *search_path = _eglGetSearchPath();
    char *env;
 
@@ -472,9 +471,6 @@ _eglPreloadUserDriver(void)
    }
 
    return EGL_TRUE;
-#else /* _EGL_PLATFORM_POSIX || _EGL_PLATFORM_WINDOWS */
-   return EGL_FALSE;
-#endif
 }
 
 
@@ -490,7 +486,6 @@ _eglPreloadUserDriver(void)
 static EGLBoolean
 _eglPreloadDisplayDrivers(void)
 {
-#if defined(_EGL_PLATFORM_POSIX)
    const char *dpy;
    char prefix[32];
    int ret;
@@ -507,9 +502,6 @@ _eglPreloadDisplayDrivers(void)
 
    return (_eglPreloadForEach(_eglGetSearchPath(),
             _eglPreloadPattern, (void *) prefix) > 0);
-#else /* _EGL_PLATFORM_POSIX */
-   return EGL_FALSE;
-#endif
 }
 
 
-- 
1.6.5

------------------------------------------------------------------------------
The Planet: dedicated and managed hosting, cloud storage, colocation
Stay online with enterprise data centers and the best network in the business
Choose flexible plans and management services without long-term contracts
Personal 24x7 support from experience hosting pros just a phone call away.
http://p.sf.net/sfu/theplanet-com
_______________________________________________
Mesa3d-dev mailing list
Mesa3d-dev@lists.sourceforge.net
https://lists.sourceforge.net/lists/listinfo/mesa3d-dev

Reply via email to