On Tue, Feb 2, 2010 at 11:43 AM, Mike Stroyan <m...@lunarg.com> wrote:
> On Mon, Feb 1, 2010 at 7:34 PM, Chia-I Wu <olva...@gmail.com> wrote:
>> On Tue, Feb 2, 2010 at 2:49 AM, Mike Stroyan <m...@lunarg.com> wrote:
>>> Here is a version of the patch that uses EGL_DRIVERS_PATH and checks
>>> for setuid/setgid
>>> before using EGL_DRIVER or EGL_DRIVERS_PATH.
>> The patch seems to be missing :)
> Here is the missing patch file.
The patch looks good. But when I tried to make EGL_DRIVER and the default
driver also honor EGL_DRIVERS_PATH, it turned out that I need to overhaul both
the existing code and your patch.
I've attached my version in this mail. It is based on your work. Please have
a look. If you think it looks fine, I will go ahead and commit.
-olv
From a327d358a01b8604566039251fca7e4cc55dadcb Mon Sep 17 00:00:00 2001
From: Chia-I Wu <olva...@gmail.com>
Date: Tue, 2 Feb 2010 15:34:55 +0800
Subject: [PATCH 1/3] egl: Add EGL_DRIVERS_PATH environment variable.
EGL_DRIVERS_PATH gives a list of colon-separated directories. The given
directories will be searched when preloading drivers.
This is based on Mike Stroyan's patch, which honors the variable in
_eglPreloadDisplayDrivers. It is extended to honor the variable also in
_eglPreloadUserDriver and _eglPreloadDefaultDriver in this version.
Signed-off-by: Chia-I Wu <olva...@gmail.com>
---
docs/egl.html | 9 ++
src/egl/main/egldriver.c | 290 ++++++++++++++++++++++++++++++----------------
2 files changed, 200 insertions(+), 99 deletions(-)
diff --git a/docs/egl.html b/docs/egl.html
index 87f7e7d..8a2ea7c 100644
--- a/docs/egl.html
+++ b/docs/egl.html
@@ -126,6 +126,15 @@ test your build. For example,</p>
runtime</p>
<ul>
+<li><code>EGL_DRIVERS_PATH</code>
+
+<p>By default, the main library will look for drivers in the directory where
+the drivers are installed to. This variable specifies a list of
+colon-separated directories where the main library will look for drivers, in
+addition to the default directory.</p>
+
+</li>
+
<li><code>EGL_DRIVER</code>
<p>This variable specifies a full path to an EGL driver and it forces the
diff --git a/src/egl/main/egldriver.c b/src/egl/main/egldriver.c
index 1dadbf7..139f839 100644
--- a/src/egl/main/egldriver.c
+++ b/src/egl/main/egldriver.c
@@ -25,6 +25,7 @@
#include <dlfcn.h>
#include <sys/types.h>
#include <dirent.h>
+#include <unistd.h>
#endif
@@ -55,21 +56,7 @@ close_library(HMODULE lib)
static const char *
library_suffix(void)
{
- return "dll";
-}
-
-
-static EGLBoolean
-make_library_path(char *buf, unsigned int size, const char *name)
-{
- EGLBoolean need_suffix;
- const char *suffix = ".dll";
- int ret;
-
- need_suffix = (strchr(name, '.') == NULL);
- ret = snprintf(buf, size, "%s%s", name, (need_suffix) ? suffix : "");
-
- return ((unsigned int) ret < size);
+ return ".dll";
}
@@ -96,30 +83,13 @@ close_library(void *lib)
static const char *
library_suffix(void)
{
- return "so";
-}
-
-
-static EGLBoolean
-make_library_path(char *buf, unsigned int size, const char *name)
-{
- EGLBoolean need_dir, need_suffix;
- const char *suffix = ".so";
- int ret;
-
- need_dir = (strchr(name, '/') == NULL);
- need_suffix = (strchr(name, '.') == NULL);
-
- ret = snprintf(buf, size, "%s%s%s",
- (need_dir) ? _EGL_DRIVER_SEARCH_DIR"/" : "", name,
- (need_suffix) ? suffix : "");
-
- return ((unsigned int) ret < size);
+ return ".so";
}
#else /* _EGL_PLATFORM_NO_OS */
+
static const char DefaultDriverName[] = "builtin";
typedef void *lib_handle;
@@ -143,14 +113,6 @@ library_suffix(void)
}
-static EGLBoolean
-make_library_path(char *buf, unsigned int size, const char *name)
-{
- int ret = snprintf(buf, size, name);
- return ((unsigned int) ret < size);
-}
-
-
#endif
@@ -299,6 +261,178 @@ _eglMatchDriver(_EGLDisplay *dpy)
/**
+ * A preload function for use with _eglPreloadForEach. The preload data is the
+ * filename of the driver. This function stops on the first valid driver.
+ */
+static EGLBoolean
+_eglPreloadFile(const char *dir, size_t len, void *preload_data)
+{
+ _EGLDriver *drv;
+ char path[1024];
+ const char *filename = (const char *) preload_data;
+ size_t flen = strlen(filename);
+
+ /* make a full path */
+ if (len + flen + 2 > sizeof(path))
+ return EGL_TRUE;
+ if (len) {
+ memcpy(path, dir, len);
+ path[len++] = '/';
+ }
+ memcpy(path + len, filename, flen);
+ len += flen;
+ path[len] = '\0';
+
+ drv = _eglLoadDriver(path, NULL);
+ /* fix the path and load again */
+ if (!drv && library_suffix()) {
+ const char *suffix = library_suffix();
+ size_t slen = strlen(suffix);
+ const char *p;
+ EGLBoolean need_suffix;
+
+ p = filename + flen - slen;
+ need_suffix = (p < filename || strcmp(p, suffix) != 0);
+ if (need_suffix && len + slen + 1 <= sizeof(path)) {
+ strcpy(path + len, suffix);
+ drv = _eglLoadDriver(path, NULL);
+ }
+ }
+ if (!drv)
+ return EGL_TRUE;
+
+ /* remember the driver and stop */
+ _eglGlobal.Drivers[_eglGlobal.NumDrivers++] = drv;
+ return EGL_FALSE;
+}
+
+
+/**
+ * A preload function for use with _eglPreloadForEach. The preload data is the
+ * pattern (prefix) of the files to look for.
+ */
+static EGLBoolean
+_eglPreloadPattern(const char *dir, size_t len, void *preload_data)
+{
+#if defined(_EGL_PLATFORM_POSIX)
+ const char *prefix, *suffix;
+ size_t prefix_len, suffix_len;
+ DIR *dirp;
+ struct dirent *dirent;
+ char path[1024];
+
+ if (len + 2 > sizeof(path))
+ return EGL_TRUE;
+ if (len) {
+ memcpy(path, dir, len);
+ path[len++] = '/';
+ }
+ path[len] = '\0';
+
+ dirp = opendir(path);
+ if (!dirp)
+ return EGL_TRUE;
+
+ prefix = (const char *) preload_data;
+ prefix_len = strlen(prefix);
+ suffix = library_suffix();
+ suffix_len = (suffix) ? strlen(suffix) : 0;
+
+ while ((dirent = readdir(dirp))) {
+ _EGLDriver *drv;
+ size_t dirent_len = strlen(dirent->d_name);
+ const char *p;
+
+ /* match the prefix */
+ if (strncmp(dirent->d_name, prefix, prefix_len) != 0)
+ continue;
+ /* match the suffix */
+ p = dirent->d_name + dirent_len - suffix_len;
+ if (p < dirent->d_name || strcmp(p, suffix) != 0)
+ continue;
+
+ /* make a full path and load the driver */
+ if (len + dirent_len + 1 <= sizeof(path)) {
+ strcpy(path + len, dirent->d_name);
+ drv = _eglLoadDriver(path, NULL);
+ if (drv)
+ _eglGlobal.Drivers[_eglGlobal.NumDrivers++] = drv;
+ }
+ }
+
+ closedir(dirp);
+
+ return EGL_TRUE;
+#else /* _EGL_PLATFORM_POSIX */
+ /* stop immediately */
+ return EGL_FALSE;
+#endif
+}
+
+
+/**
+ * Run the preload function on each driver directory and return the number of
+ * drivers loaded.
+ *
+ * The process may end prematurely if the callback function returns false.
+ */
+static EGLint
+_eglPreloadForEach(const char *search_path,
+ EGLBoolean (*preload)(const char *, size_t, void *),
+ void *preload_data)
+{
+ const char *cur, *next;
+ size_t len;
+ EGLint num_drivers = _eglGlobal.NumDrivers;
+
+ cur = search_path;
+ while (cur) {
+ next = strchr(cur, ':');
+ len = (next) ? next - cur : strlen(cur);
+
+ if (!preload(cur, len, preload_data))
+ break;
+
+ cur = (next) ? next + 1 : NULL;
+ }
+
+ return (_eglGlobal.NumDrivers - num_drivers);
+}
+
+
+/**
+ * Return a list of colon-separated driver directories.
+ */
+static const char *
+_eglGetSearchPath(void)
+{
+ static const char *search_path;
+
+#if defined(_EGL_PLATFORM_POSIX) || defined(_EGL_PLATFORM_WINDOWS)
+ if (!search_path) {
+ static char buffer[1024];
+ const char *p;
+ int ret;
+
+ p = getenv("EGL_DRIVERS_PATH");
+ if (p) {
+ ret = snprintf(buffer, sizeof(buffer),
+ "%s:%s", p, _EGL_DRIVER_SEARCH_DIR);
+ if (ret > 0 && ret < sizeof(buffer))
+ search_path = buffer;
+ }
+ }
+ if (!search_path)
+ search_path = _EGL_DRIVER_SEARCH_DIR;
+#else
+ search_path = "";
+#endif
+
+ return search_path;
+}
+
+
+/**
* Preload a user driver.
*
* A user driver can be specified by EGL_DRIVER.
@@ -307,25 +441,22 @@ static EGLBoolean
_eglPreloadUserDriver(void)
{
#if defined(_EGL_PLATFORM_POSIX) || defined(_EGL_PLATFORM_WINDOWS)
- _EGLDriver *drv;
- char path[1024];
+ const char *search_path = _eglGetSearchPath();
char *env;
env = getenv("EGL_DRIVER");
+#if defined(_EGL_PLATFORM_POSIX)
+ if (env && strchr(env, '/'))
+ search_path = "";
+#endif
if (!env)
return EGL_FALSE;
- if (!make_library_path(path, sizeof(path), env))
- return EGL_FALSE;
-
- drv = _eglLoadDriver(path, NULL);
- if (!drv) {
+ if (!_eglPreloadForEach(search_path, _eglPreloadFile, (void *) env)) {
_eglLog(_EGL_WARNING, "EGL_DRIVER is set to an invalid driver");
return EGL_FALSE;
}
- _eglGlobal.Drivers[_eglGlobal.NumDrivers++] = drv;
-
return EGL_TRUE;
#else /* _EGL_PLATFORM_POSIX || _EGL_PLATFORM_WINDOWS */
return EGL_FALSE;
@@ -346,10 +477,9 @@ static EGLBoolean
_eglPreloadDisplayDrivers(void)
{
#if defined(_EGL_PLATFORM_POSIX)
- const char *dpy, *suffix;
- char path[1024], prefix[32];
- DIR *dirp;
- struct dirent *dirent;
+ const char *dpy;
+ char prefix[32];
+ int ret;
dpy = getenv("EGL_DISPLAY");
if (!dpy || !dpy[0])
@@ -357,39 +487,12 @@ _eglPreloadDisplayDrivers(void)
if (!dpy || !dpy[0])
return EGL_FALSE;
- snprintf(prefix, sizeof(prefix), "egl_%s_", dpy);
- suffix = library_suffix();
-
- dirp = opendir(_EGL_DRIVER_SEARCH_DIR);
- if (!dirp)
+ ret = snprintf(prefix, sizeof(prefix), "egl_%s_", dpy);
+ if (ret < 0 || ret >= sizeof(prefix))
return EGL_FALSE;
- while ((dirent = readdir(dirp))) {
- _EGLDriver *drv;
- const char *p;
-
- /* match the prefix */
- if (strncmp(dirent->d_name, prefix, strlen(prefix)) != 0)
- continue;
-
- /* match the suffix */
- p = strrchr(dirent->d_name, '.');
- if ((p && !suffix) || (!p && suffix))
- continue;
- else if (p && suffix && strcmp(p + 1, suffix) != 0)
- continue;
-
- snprintf(path, sizeof(path),
- _EGL_DRIVER_SEARCH_DIR"/%s", dirent->d_name);
-
- drv = _eglLoadDriver(path, NULL);
- if (drv)
- _eglGlobal.Drivers[_eglGlobal.NumDrivers++] = drv;
- }
-
- closedir(dirp);
-
- return (_eglGlobal.NumDrivers > 0);
+ return (_eglPreloadForEach(_eglGetSearchPath(),
+ _eglPreloadPattern, (void *) prefix) > 0);
#else /* _EGL_PLATFORM_POSIX */
return EGL_FALSE;
#endif
@@ -402,19 +505,8 @@ _eglPreloadDisplayDrivers(void)
static EGLBoolean
_eglPreloadDefaultDriver(void)
{
- _EGLDriver *drv;
- char path[1024];
-
- if (!make_library_path(path, sizeof(path), DefaultDriverName))
- return EGL_FALSE;
-
- drv = _eglLoadDriver(path, NULL);
- if (!drv)
- return EGL_FALSE;
-
- _eglGlobal.Drivers[_eglGlobal.NumDrivers++] = drv;
-
- return EGL_TRUE;
+ return (_eglPreloadForEach(_eglGetSearchPath(),
+ _eglPreloadFile, (void *) DefaultDriverName) > 0);
}
--
1.6.5
From d12e279633909d6f026421c4bc2fa52f833eceed Mon Sep 17 00:00:00 2001
From: Chia-I Wu <olva...@gmail.com>
Date: Tue, 2 Feb 2010 16:47:53 +0800
Subject: [PATCH 2/3] egl: Ignore certain environment variables when setuid/setgid.
Specifically, ignore EGL_DRIVERS_PATH when an application is
setuid/setgid. And ignore EGL_DRIVER when there is a slash in it.
Signed-off-by: Chia-I Wu <olva...@gmail.com>
---
docs/egl.html | 5 +++--
src/egl/main/egldriver.c | 18 ++++++++++++++++--
2 files changed, 19 insertions(+), 4 deletions(-)
diff --git a/docs/egl.html b/docs/egl.html
index 8a2ea7c..30cbe0e 100644
--- a/docs/egl.html
+++ b/docs/egl.html
@@ -131,7 +131,8 @@ runtime</p>
<p>By default, the main library will look for drivers in the directory where
the drivers are installed to. This variable specifies a list of
colon-separated directories where the main library will look for drivers, in
-addition to the default directory.</p>
+addition to the default directory. This variable is ignored for setuid/setgid
+binaries.</p>
</li>
@@ -139,7 +140,7 @@ addition to the default directory.</p>
<p>This variable specifies a full path to an EGL driver and it forces the
specified EGL driver to be loaded. It comes in handy when one wants to test a
-specific driver.</p>
+specific driver. This variable is ignored for setuid/setgid binaries.</p>
</li>
diff --git a/src/egl/main/egldriver.c b/src/egl/main/egldriver.c
index 139f839..0ccdea7 100644
--- a/src/egl/main/egldriver.c
+++ b/src/egl/main/egldriver.c
@@ -415,6 +415,14 @@ _eglGetSearchPath(void)
int ret;
p = getenv("EGL_DRIVERS_PATH");
+#if defined(_EGL_PLATFORM_POSIX)
+ if (p && (geteuid() != getuid() || getegid() != getgid())) {
+ _eglLog(_EGL_DEBUG,
+ "ignore EGL_DRIVERS_PATH for setuid/setgid binaries");
+ p = NULL;
+ }
+#endif /* _EGL_PLATFORM_POSIX */
+
if (p) {
ret = snprintf(buffer, sizeof(buffer),
"%s:%s", p, _EGL_DRIVER_SEARCH_DIR);
@@ -446,9 +454,15 @@ _eglPreloadUserDriver(void)
env = getenv("EGL_DRIVER");
#if defined(_EGL_PLATFORM_POSIX)
- if (env && strchr(env, '/'))
+ if (env && strchr(env, '/')) {
search_path = "";
-#endif
+ if ((geteuid() != getuid() || getegid() != getgid())) {
+ _eglLog(_EGL_DEBUG,
+ "ignore EGL_DRIVER for setuid/setgid binaries");
+ env = NULL;
+ }
+ }
+#endif /* _EGL_PLATFORM_POSIX */
if (!env)
return EGL_FALSE;
--
1.6.5
From dd2764c2fafc11a02904488297efffa2915a0e3b Mon Sep 17 00:00:00 2001
From: Chia-I Wu <olva...@gmail.com>
Date: Tue, 2 Feb 2010 17:05:56 +0800
Subject: [PATCH 3/3] egl: Remove unnecessary #ifdef's.
There were some refactorings with the addition of EGL_DRIVERS_PATH.
They made some platform #ifdef's unnecessary.
Signed-off-by: Chia-I Wu <olva...@gmail.com>
---
src/egl/main/egldriver.c | 8 --------
1 files changed, 0 insertions(+), 8 deletions(-)
diff --git a/src/egl/main/egldriver.c b/src/egl/main/egldriver.c
index 0ccdea7..8e623a0 100644
--- a/src/egl/main/egldriver.c
+++ b/src/egl/main/egldriver.c
@@ -448,7 +448,6 @@ _eglGetSearchPath(void)
static EGLBoolean
_eglPreloadUserDriver(void)
{
-#if defined(_EGL_PLATFORM_POSIX) || defined(_EGL_PLATFORM_WINDOWS)
const char *search_path = _eglGetSearchPath();
char *env;
@@ -472,9 +471,6 @@ _eglPreloadUserDriver(void)
}
return EGL_TRUE;
-#else /* _EGL_PLATFORM_POSIX || _EGL_PLATFORM_WINDOWS */
- return EGL_FALSE;
-#endif
}
@@ -490,7 +486,6 @@ _eglPreloadUserDriver(void)
static EGLBoolean
_eglPreloadDisplayDrivers(void)
{
-#if defined(_EGL_PLATFORM_POSIX)
const char *dpy;
char prefix[32];
int ret;
@@ -507,9 +502,6 @@ _eglPreloadDisplayDrivers(void)
return (_eglPreloadForEach(_eglGetSearchPath(),
_eglPreloadPattern, (void *) prefix) > 0);
-#else /* _EGL_PLATFORM_POSIX */
- return EGL_FALSE;
-#endif
}
--
1.6.5
------------------------------------------------------------------------------
The Planet: dedicated and managed hosting, cloud storage, colocation
Stay online with enterprise data centers and the best network in the business
Choose flexible plans and management services without long-term contracts
Personal 24x7 support from experience hosting pros just a phone call away.
http://p.sf.net/sfu/theplanet-com
_______________________________________________
Mesa3d-dev mailing list
Mesa3d-dev@lists.sourceforge.net
https://lists.sourceforge.net/lists/listinfo/mesa3d-dev