Re: Proposal for RandR version 1.6, Leases and EDID-based output grabs

Daniel Vetter writes: > Also if this confuses VR, then another reason why we want to make leases > invariant and only allow pure revoke, not changing the list. I'm not sure why you want this to be asymmetrical, nor why you would expect lessees to be any more competent at dealing with hotplug tha

Re: [PATCH libXdmcp] Use getrandom() syscall if available

On 04/ 3/17 12:17 PM, Mark Kettenis wrote: From: Benjamin Tissoires Date: Mon, 3 Apr 2017 17:52:32 +0200 On Mon, Apr 3, 2017 at 4:02 PM, Alan Coopersmith wrote: On 04/ 3/17 05:52 AM, Benjamin Tissoires wrote: This allows to fix CVE-2017-2625 on Linux platforms without pulling in libbsd. The

Re: [PATCH libXdmcp] Use getrandom() syscall if available

> From: Benjamin Tissoires > Date: Mon, 3 Apr 2017 17:52:32 +0200 > > On Mon, Apr 3, 2017 at 4:02 PM, Alan Coopersmith > wrote: > > On 04/ 3/17 05:52 AM, Benjamin Tissoires wrote: > >> > >> This allows to fix CVE-2017-2625 on Linux platforms without pulling in > >> libbsd. > >> The syscall getra

Re: [PATCH 1/2] Introduce keyboard grabbing protocol for Xwayland

Hi Pekka, > you cannot ignore a wl_registry.bind request. Did you ever try to see > what happens? :-) Admittedly, I didn't go that far! > If you do not create a wl_resource when the protocol spec says "this > creates a new object", then if the client ever refers to the > non-created object, it w

Re: Proposal for RandR version 1.6, Leases and EDID-based output grabs

Daniel Vetter writes: > Hm, if you restrict getresources and getplanes, you'll get your leased > objects query api. Iirc that part was missing in your kernel patch. And it > gives you exaclty what you want: per-type list of object ids. Hrm. I think that's one Dave didn't want to restrict so that

Re: [PATCH libXdmcp] Use getrandom() syscall if available

Am 03.04.2017 17:30, schrieb Benjamin Tissoires: > On Mon, Apr 3, 2017 at 3:17 PM, walter harms wrote: >> >> >> Am 03.04.2017 14:52, schrieb Benjamin Tissoires: >>> This allows to fix CVE-2017-2625 on Linux platforms without pulling in >>> libbsd. >>> The syscall getrandom is available since ker

Re: [PATCH libXdmcp] Use getrandom() syscall if available

On 04/ 3/17 08:52 AM, Benjamin Tissoires wrote: On Mon, Apr 3, 2017 at 4:02 PM, Alan Coopersmith wrote: On 04/ 3/17 05:52 AM, Benjamin Tissoires wrote: This allows to fix CVE-2017-2625 on Linux platforms without pulling in libbsd. The syscall getrandom is available since kernel v3.17. The cod

Re: [PATCH libXdmcp] Use getrandom() syscall if available

On Mon, Apr 3, 2017 at 4:02 PM, Alan Coopersmith wrote: > On 04/ 3/17 05:52 AM, Benjamin Tissoires wrote: >> >> This allows to fix CVE-2017-2625 on Linux platforms without pulling in >> libbsd. >> The syscall getrandom is available since kernel v3.17. The code first >> tries to use the syscall on

Re: [PATCH libXdmcp] Use getrandom() syscall if available

On Mon, Apr 3, 2017 at 3:17 PM, walter harms wrote: > > > Am 03.04.2017 14:52, schrieb Benjamin Tissoires: >> This allows to fix CVE-2017-2625 on Linux platforms without pulling in >> libbsd. >> The syscall getrandom is available since kernel v3.17. The code first >> tries to use the syscall on a

Re: [PATCH 1/2] Introduce keyboard grabbing protocol for Xwayland

On Mon, 3 Apr 2017 09:47:50 -0400 (EDT) Olivier Fourdan wrote: > Hi Quentin, > > > I think it may be worth it to add a little safety net: > > “Compositors are required to restrict this interface to Xwayland alone, > > and raise a protocol error for native Wayland clients.” > > Yes, agreed, go

Re: [PATCH 1/2] Introduce keyboard grabbing protocol for Xwayland

- Original Message - > I was thinking about your “hide global”[1] API, which does kill the > client. It seems like a perfect use of it to me. > > [1] > Hehe, yes, that's precisely the use ca

Re: [PATCH libXdmcp] Use getrandom() syscall if available

On 04/ 3/17 05:52 AM, Benjamin Tissoires wrote: This allows to fix CVE-2017-2625 on Linux platforms without pulling in libbsd. The syscall getrandom is available since kernel v3.17. The code first tries to use the syscall on a supported kernel. If the syscall fails, it falls back to the current (

Re: [PATCH 1/2] Introduce keyboard grabbing protocol for Xwayland

Hi Quentin, > I think it may be worth it to add a little safety net: > “Compositors are required to restrict this interface to Xwayland alone, > and raise a protocol error for native Wayland clients.” Yes, agreed, good point! But do we really need to kill a client that would dare to try to bind

Re: [PATCH 1/2] Introduce keyboard grabbing protocol for Xwayland

Hey Peter, Thanks for the review! > woohoo, grabs. My favourite topic! ;) > > Mostly ok, a few complaints regarding the documentation but the protocol is > fine from my POV. > > On Wed, Mar 22, 2017 at 05:27:22PM +0100, Olivier Fourdan wrote: > > This patch introduces a new protocol for grabbin

Re: [PATCH libXdmcp] Use getrandom() syscall if available

Am 03.04.2017 14:52, schrieb Benjamin Tissoires: > This allows to fix CVE-2017-2625 on Linux platforms without pulling in > libbsd. > The syscall getrandom is available since kernel v3.17. The code first > tries to use the syscall on a supported kernel. If the syscall fails, > it falls back to th

Re: [Patchset 1/2] Single makefile

Hi Mihail, On 1 April 2017 at 08:25, Mihail Konev wrote: > This was originally done in order to use subdir-objects to prevent automake > warnings (I didn't have the idea of .include.c files at the moment). > > Here for rather illustrative purposes, as well as benchmarking against the > meson. >

[PATCH libICE] Use getrandom() syscall if available

This allows to fix CVE-2017-2626 on Linux platforms without pulling in libbsd. The syscall getrandom is available since kernel v3.17. The code first tries to use the syscall on a supported kernel. If the syscall fails, it falls back to the current (partly vulnerable) code. We do not implement the g

[PATCH libXdmcp] Use getrandom() syscall if available

This allows to fix CVE-2017-2625 on Linux platforms without pulling in libbsd. The syscall getrandom is available since kernel v3.17. The code first tries to use the syscall on a supported kernel. If the syscall fails, it falls back to the current (vulnerable) code. We do not implement the glibc ge

Re: [PATCH xserver 7/7] configure.ac: use automake option subdir-objects

Hi Mihail, On 1 April 2017 at 07:52, Mihail Konev wrote: > Both fixes "source file is in a subdirectory" autoreconf warnings and > ensures automake 2.0 (future) compatibility. > > Dummy source files that only #include the real one are so that every dir > has its own source, and, therefore, does n

Re: [PATCH xserver 5/7] hw/xquartz: fix path to pseudoramiX headers

On 1 April 2017 at 07:52, Mihail Konev wrote: > Regressed-in: 39c548da0cf0522ad246630605b96751ab6d39c0 Fixes: 39c548da0cf0522ad246630605b96751ab6d39c0 Cc: Jeremy Huddleston Sequoia > Signed-off-by: Mihail Konev > --- > This fixes out-of-source XQuartz build. > This line should be within the com

Re: [PATCH xserver 4/7] hw/xquartz: add missing destdir

On 1 April 2017 at 07:52, Mihail Konev wrote: Here you want to mention what's happening currently and why this is the correct fix. > Signed-off-by: Mihail Konev > --- > This allows running "make distcheck" as a non-root. > > (Although the resulting DESTDIR includes the path to source tree *twi

Re: [PATCH xserver 3/7] hw/xfree86: add suid wrapper to uninstall target

On 1 April 2017 at 07:52, Mihail Konev wrote: > Signed-off-by: Mihail Konev > --- > Not that this matters, but makes the distcheck not to fail. > > hw/xfree86/Makefile.am | 1 + > 1 file changed, 1 insertion(+) > > diff --git a/hw/xfree86/Makefile.am b/hw/xfree86/Makefile.am > index 85bd0bed0e58

Re: [PATCH xserver 2/7] sdksyms: fix export word indexing

Hi Mihail, On 1 April 2017 at 07:52, Mihail Konev wrote: > Introduced-in: b1dac41fb3853ca8182048ea57b88b6e84ecceb3 > Releaved-in: 3dad57b121fdf001e75fffa7e3007a9a0a154f67 Neither of these tags is used xserver. Perhaps it's worth changing them to something more common? You also want to mention th