xwayland 23.0.99.901

Resolves: #2172415
2023-02-22 12:03:52 +01:00 · 2023-02-22 12:03:52 +01:00 · fd40461fe8
commit fd40461fe8
parent 77e23150f3
6 changed files with 17 additions and 255 deletions
--- a/.gitignore
+++ b/.gitignore
@ -19,3 +19,4 @@
 /xwayland-22.1.6.tar.xz
 /xwayland-22.1.7.tar.xz
 /xwayland-22.1.8.tar.xz
 /xwayland-23.0.99.901.tar.xz
--- a/0001-Fix-some-indentation-issues.patch
+++ b/0001-Fix-some-indentation-issues.patch
@ -1,69 +0,0 @@
 From 5f0f99c817cdcf0c258962f3039afc6483698388 Mon Sep 17 00:00:00 2001
 From: Peter Hutterer <peter.hutterer@who-t.net>
 Date: Mon, 19 Dec 2022 10:34:29 +1000
 Subject: [PATCH xserver 1/3] Fix some indentation issues
 Signed-off-by: Peter Hutterer <peter.hutterer@who-t.net>
 (cherry picked from commit 73d6e888c6058b28a0e87ab65aa4172b17d8327d)
 ---
 dix/dispatch.c | 22 +++++++++++-----------
 1 file changed, 11 insertions(+), 11 deletions(-)
 diff --git a/dix/dispatch.c b/dix/dispatch.c
 index 460296197..4fc99b170 100644
 --- a/dix/dispatch.c
 +++ b/dix/dispatch.c
@@ -492,10 +492,10 @@ Dispatch(void)
         if (!WaitForSomething(clients_are_ready()))
             continue;
 -       /*****************
 -	*  Handle events in round robin fashion, doing input between
 -	*  each round
 -	*****************/
 +        /*****************
 +         *  Handle events in round robin fashion, doing input between
 +         *  each round
 +         *****************/
         if (!dispatchException && clients_are_ready()) {
             client = SmartScheduleClient();
@@ -3657,11 +3657,11 @@ ProcInitialConnection(ClientPtr client)
     prefix = (xConnClientPrefix *) ((char *)stuff + sz_xReq);
     order = prefix->byteOrder;
     if (order != 'l' && order != 'B' && order != 'r' && order != 'R')
 -	return client->noClientException = -1;
 +        return client->noClientException = -1;
     if (((*(char *) &whichbyte) && (order == 'B' || order == 'R')) ||
 -	(!(*(char *) &whichbyte) && (order == 'l' || order == 'r'))) {
 -	client->swapped = TRUE;
 -	SwapConnClientPrefix(prefix);
 +        (!(*(char *) &whichbyte) && (order == 'l' || order == 'r'))) {
 +        client->swapped = TRUE;
 +        SwapConnClientPrefix(prefix);
     }
     stuff->reqType = 2;
     stuff->length += bytes_to_int32(prefix->nbytesAuthProto) +
@@ -3670,7 +3670,7 @@ ProcInitialConnection(ClientPtr client)
         swaps(&stuff->length);
     }
     if (order == 'r' || order == 'R') {
 -	client->local = FALSE;
 +        client->local = FALSE;
     }
     ResetCurrentRequest(client);
     return Success;
@@ -3781,8 +3781,8 @@ ProcEstablishConnection(ClientPtr client)
     auth_string = auth_proto + pad_to_int32(prefix->nbytesAuthProto);
     if ((client->req_len << 2) != sz_xReq + sz_xConnClientPrefix +
 -	pad_to_int32(prefix->nbytesAuthProto) +
 -	pad_to_int32(prefix->nbytesAuthString))
 +            pad_to_int32(prefix->nbytesAuthProto) +
 +            pad_to_int32(prefix->nbytesAuthString))
         reason = "Bad length";
     else if ((prefix->majorVersion != X_PROTOCOL) ||
         (prefix->minorVersion != X_PROTOCOL_REVISION))
 -- 
 2.39.0
--- a/0002-dix-localize-two-variables.patch
+++ b/0002-dix-localize-two-variables.patch
@ -1,50 +0,0 @@
 From da6398e4e13aa2866232df6f896c75751cc7cb46 Mon Sep 17 00:00:00 2001
 From: Peter Hutterer <peter.hutterer@who-t.net>
 Date: Tue, 20 Dec 2022 11:40:16 +1000
 Subject: [PATCH xserver 2/3] dix: localize two variables
 Signed-off-by: Peter Hutterer <peter.hutterer@who-t.net>
 (cherry picked from commit f69280ddcdd3115ee4717f22e85e0f43569b60dd)
 ---
 dix/dispatch.c | 8 ++++----
 1 file changed, 4 insertions(+), 4 deletions(-)
 diff --git a/dix/dispatch.c b/dix/dispatch.c
 index 4fc99b170..2efa2dcf1 100644
 --- a/dix/dispatch.c
 +++ b/dix/dispatch.c
@@ -3771,14 +3771,11 @@ int
 ProcEstablishConnection(ClientPtr client)
 {
     const char *reason;
 -    char *auth_proto, *auth_string;
     xConnClientPrefix *prefix;
     REQUEST(xReq);
     prefix = (xConnClientPrefix *) ((char *) stuff + sz_xReq);
 -    auth_proto = (char *) prefix + sz_xConnClientPrefix;
 -    auth_string = auth_proto + pad_to_int32(prefix->nbytesAuthProto);
     if ((client->req_len << 2) != sz_xReq + sz_xConnClientPrefix +
             pad_to_int32(prefix->nbytesAuthProto) +
@@ -3787,12 +3784,15 @@ ProcEstablishConnection(ClientPtr client)
     else if ((prefix->majorVersion != X_PROTOCOL) ||
         (prefix->minorVersion != X_PROTOCOL_REVISION))
         reason = "Protocol version mismatch";
 -    else
 +    else {
 +        char *auth_proto = (char *) prefix + sz_xConnClientPrefix;
 +        char *auth_string = auth_proto + pad_to_int32(prefix->nbytesAuthProto);
         reason = ClientAuthorized(client,
                                   (unsigned short) prefix->nbytesAuthProto,
                                   auth_proto,
                                   (unsigned short) prefix->nbytesAuthString,
                                   auth_string);
 +    }
     return (SendConnSetup(client, reason));
 }
 -- 
 2.39.0
--- a/0003-Disallow-byte-swapped-clients-by-default.patch
+++ b/0003-Disallow-byte-swapped-clients-by-default.patch
@ -1,117 +0,0 @@
 From 068862767ef95ebc54977e1df49ab700c20ae347 Mon Sep 17 00:00:00 2001
 From: Peter Hutterer <peter.hutterer@who-t.net>
 Date: Tue, 20 Dec 2022 10:42:03 +1000
 Subject: [PATCH xserver 3/3] Disallow byte-swapped clients by default
 The X server swapping code is a huge attack surface, much of this code
 is untested and prone to security issues. The use-case of byte-swapped
 clients is very niche, so let's disable this by default and allow it
 only when the respective config option or commandline flag is given.
 For Xorg, this adds the ServerFlag "AllowByteSwappedClients" "on".
 For all DDX, this adds the commandline options +byteswappedclients and
 -byteswappedclients to enable or disable, respectively.
 Fixes #1201
 https://gitlab.freedesktop.org/xorg/xserver/-/merge_requests/1029
 Signed-off-by: Peter Hutterer <peter.hutterer@who-t.net>
 (cherry picked from commit 412777664a20dd3561b936c02c96571a756fe9b2)
 ---
 dix/dispatch.c             | 4 +++-
 hw/xwayland/xwayland.pc.in | 1 +
 include/opaque.h           | 2 ++
 man/Xserver.man            | 6 ++++++
 os/utils.c                 | 9 +++++++++
 5 files changed, 21 insertions(+), 1 deletion(-)
 diff --git a/dix/dispatch.c b/dix/dispatch.c
 index 2efa2dcf1..0570ec07c 100644
 --- a/dix/dispatch.c
 +++ b/dix/dispatch.c
@@ -3777,7 +3777,9 @@ ProcEstablishConnection(ClientPtr client)
     prefix = (xConnClientPrefix *) ((char *) stuff + sz_xReq);
 -    if ((client->req_len << 2) != sz_xReq + sz_xConnClientPrefix +
 +    if (client->swapped && !AllowByteSwappedClients) {
 +        reason = "Prohibited client endianess, see the Xserver man page ";
 +    } else if ((client->req_len << 2) != sz_xReq + sz_xConnClientPrefix +
             pad_to_int32(prefix->nbytesAuthProto) +
             pad_to_int32(prefix->nbytesAuthString))
         reason = "Bad length";
 diff --git a/hw/xwayland/xwayland.pc.in b/hw/xwayland/xwayland.pc.in
 index 9d727b002..e920d7608 100644
 --- a/hw/xwayland/xwayland.pc.in
 +++ b/hw/xwayland/xwayland.pc.in
@@ -12,3 +12,4 @@ have_listenfd=true
 have_verbose=true
 have_terminate_delay=true
 have_no_touch_pointer_emulation=true
 +have_byteswappedclients=true
 diff --git a/include/opaque.h b/include/opaque.h
 index 256261c2a..398d4b4e5 100644
 --- a/include/opaque.h
 +++ b/include/opaque.h
@@ -74,4 +74,6 @@ extern _X_EXPORT Bool bgNoneRoot;
 extern _X_EXPORT Bool CoreDump;
 extern _X_EXPORT Bool NoListenAll;
 +extern _X_EXPORT Bool AllowByteSwappedClients;
 +
 #endif                          /* OPAQUE_H */
 diff --git a/man/Xserver.man b/man/Xserver.man
 index 764bd1d90..e7adf9eb3 100644
 --- a/man/Xserver.man
 +++ b/man/Xserver.man
@@ -114,6 +114,12 @@ pattern.   This is the default unless -retro or -wr is specified.
 .B \-bs
 disables backing store support on all screens.
 .TP 8
 +.B \+byteswappedclients
 +Allow connections from clients with an endianess different to that of the server.
 +.TP 8
 +.B \-byteswappedclients
 +Prohibit connections from clients with an endianess different to that of the server.
 +.TP 8
 .B \-c
 turns off key-click.
 .TP 8
 diff --git a/os/utils.c b/os/utils.c
 index c9a8e7367..6f5e64cee 100644
 --- a/os/utils.c
 +++ b/os/utils.c
@@ -189,6 +189,8 @@ Bool CoreDump;
 Bool enableIndirectGLX = FALSE;
 +Bool AllowByteSwappedClients = FALSE;
 +
 #ifdef PANORAMIX
 Bool PanoramiXExtensionDisabledHack = FALSE;
 #endif
@@ -523,6 +525,8 @@ UseMsg(void)
     ErrorF("-br                    create root window with black background\n");
     ErrorF("+bs                    enable any backing store support\n");
     ErrorF("-bs                    disable any backing store support\n");
 +    ErrorF("+byteswappedclients    Allow clients with endianess different to that of the server\n");
 +    ErrorF("-byteswappedclients    Prohibit clients with endianess different to that of the server\n");
     ErrorF("-c                     turns off key-click\n");
     ErrorF("c #                    key-click volume (0-100)\n");
     ErrorF("-cc int                default color visual class\n");
@@ -720,6 +724,11 @@ ProcessCommandLine(int argc, char *argv[])
             else
                 UseMsg();
         }
 +        else if (strcmp(argv[i], "-byteswappedclients") == 0) {
 +            AllowByteSwappedClients = FALSE;
 +        } else if (strcmp(argv[i], "+byteswappedclients") == 0) {
 +            AllowByteSwappedClients = TRUE;
 +        }
         else if (strcmp(argv[i], "-br") == 0);  /* default */
         else if (strcmp(argv[i], "+bs") == 0)
             enableBackingStore = TRUE;
 -- 
 2.39.0
--- a/2
+++ b/2
@ -1 +1 @@
-SHA512 (xwayland-22.1.8.tar.xz) = f52c6f99d8ef7605bc1c651d5ee5e306c12af30649a2d712b1c4c3cf4c7c80246ae24bd9ac39461d47aafc78f5d659446a459cd6259e05ef3128b204981d114a
+SHA512 (xwayland-23.0.99.901.tar.xz) = 7c9efc47d59a34bca3065dc69142e58a9e2f873d073fe1602077a048a949aeac822f7f4d62ae01205933680699783bd641c913286efda3ebb1ae2fa122dcc67d
--- a/xorg-x11-server-Xwayland.spec
+++ b/xorg-x11-server-Xwayland.spec
@ -8,7 +8,7 @@
 Summary:   Xwayland
 Name:      xorg-x11-server-Xwayland
-Version:   22.1.8
+Version:   23.0.99.901
 Release:   1%{?gitdate:.%{gitdate}git%{shortcommit}}%{?dist}
 URL:       http://www.x.org
@ -18,13 +18,6 @@ Source0:   https://gitlab.freedesktop.org/xorg/%{pkgname}/-/archive/%{commit}/%{
 Source0:   https://www.x.org/pub/individual/xserver/%{pkgname}-%{version}.tar.xz
 %endif
 # Only on F38 and later (patch number starts at 3801, see autopatch below)
 # Disallow byte-swapped clients by default
 # https://gitlab.freedesktop.org/xorg/xserver/-/merge_requests/1029
 Patch3801: 0001-Fix-some-indentation-issues.patch
 Patch3802: 0002-dix-localize-two-variables.patch
 Patch3803: 0003-Disallow-byte-swapped-clients-by-default.patch
 License:   MIT
 Requires: xorg-x11-server-common
@ -36,13 +29,15 @@ BuildRequires: git-core
 BuildRequires: meson
 BuildRequires: wayland-devel
-BuildRequires: pkgconfig(wayland-client) >= 1.18.0
+BuildRequires: desktop-file-utils
-BuildRequires: pkgconfig(wayland-protocols)
+
 BuildRequires: pkgconfig(wayland-client) >= 1.21.0
 BuildRequires: pkgconfig(wayland-protocols) >= 1.28
 BuildRequires: pkgconfig(wayland-eglstream-protocols)
 BuildRequires: pkgconfig(epoxy) >= 1.5.5
 BuildRequires: pkgconfig(fontenc)
-BuildRequires: pkgconfig(libdrm) >= 2.4.0
+BuildRequires: pkgconfig(libdrm) >= 2.4.89
 BuildRequires: pkgconfig(libssl)
 BuildRequires: pkgconfig(libtirpc)
 BuildRequires: pkgconfig(pixman-1)
@ -65,6 +60,7 @@ BuildRequires: pkgconfig(xtrans) >= 1.3.2
 BuildRequires: pkgconfig(xtst)
 BuildRequires: pkgconfig(xv)
 BuildRequires: pkgconfig(libxcvt)
 BuildRequires: pkgconfig(libdecor-0) >= 0.1.1
 BuildRequires: xorg-x11-proto-devel >= 7.7-10
 BuildRequires: mesa-libGL-devel >= 9.2
@ -99,13 +95,7 @@ The development package provides the developmental files which are
 necessary for developing Wayland compositors using Xwayland.
 %prep
-%autosetup -N -S git_am -n %{pkgname}-%{?gitdate:%{commit}}%{!?gitdate:%{version}}
+%autosetup -S git_am -n %{pkgname}-%{?gitdate:%{commit}}%{!?gitdate:%{version}}
 %if 0%{?fedora} >= 38
 %autopatch
 %else
 %autopatch -M 3800
 %endif
 %build
 %meson \
@ -129,14 +119,21 @@ rm -Rf $RPM_BUILD_ROOT%{_includedir}/xorg
 rm -Rf $RPM_BUILD_ROOT%{_datadir}/aclocal
 rm -Rf $RPM_BUILD_ROOT%{_localstatedir}/lib/xkb
 %check
 desktop-file-validate %{buildroot}%{_datadir}/applications/*.desktop
 %files
 %{_bindir}/Xwayland
 %{_mandir}/man1/Xwayland.1*
 %{_datadir}/applications/org.freedesktop.Xwayland.desktop
 %files devel
 %{_libdir}/pkgconfig/xwayland.pc
 %changelog
 * Wed Feb 22 2023 Olivier Fourdan <ofourdan@redhat.com> - 23.0.99.901
 - xwayland 23.0.99.901 (xwayland 23.1.0 rc1) - (#2172415)
 * Tue Feb  7 2023 Olivier Fourdan <ofourdan@redhat.com> - 22.1.8-1
 - xwayland 22.1.8
  Fixes CVE-2023-0494 (#2165995, #2167566, #2167734)
`@ -1 +1 @@`
	`SHA512 (xwayland-22.1.8.tar.xz) = f52c6f99d8ef7605bc1c651d5ee5e306c12af30649a2d712b1c4c3cf4c7c80246ae24bd9ac39461d47aafc78f5d659446a459cd6259e05ef3128b204981d114a`	`SHA512 (xwayland-23.0.99.901.tar.xz) = 7c9efc47d59a34bca3065dc69142e58a9e2f873d073fe1602077a048a949aeac822f7f4d62ae01205933680699783bd641c913286efda3ebb1ae2fa122dcc67d`