diff options
| author | Gluzskiy Alexandr <sss123next@list.ru> | 2016-11-16 16:17:00 +0300 |
|---|---|---|
| committer | Gluzskiy Alexandr <sss123next@list.ru> | 2016-11-16 16:17:00 +0300 |
| commit | 0e59ba2a077fefec1380b177edf3c1fa6ca69e80 (patch) | |
| tree | 67effca017dff8da888ae4dfd7001d5971b933ac /x11-base | |
| parent | dd62b119b237dbb1e047186cec3a8b53c65b4db7 (diff) | |
wine: sync with gentoo upstream (looks like separated ebuild does not required anymore)
removed outdated eclasses
Diffstat (limited to 'x11-base')
23 files changed, 1977 insertions, 0 deletions
diff --git a/x11-base/xorg-drivers/xorg-drivers-9999.ebuild b/x11-base/xorg-drivers/xorg-drivers-9999.ebuild new file mode 100644 index 0000000..61d4881 --- /dev/null +++ b/x11-base/xorg-drivers/xorg-drivers-9999.ebuild @@ -0,0 +1,170 @@ +# Copyright 1999-2016 Gentoo Foundation +# Distributed under the terms of the GNU General Public License v2 +# $Id$ + +EAPI=5 + +DESCRIPTION="Meta package containing deps on all xorg drivers" +HOMEPAGE="https://www.gentoo.org/" +SRC_URI="" + +LICENSE="metapackage" +SLOT="0" +KEYWORDS="" + +IUSE_INPUT_DEVICES=" + input_devices_acecad + input_devices_aiptek + input_devices_elographics + input_devices_evdev + input_devices_fpit + input_devices_hyperpen + input_devices_joystick + input_devices_keyboard + input_devices_libinput + input_devices_mouse + input_devices_mutouch + input_devices_penmount + input_devices_tslib + input_devices_vmmouse + input_devices_void + input_devices_synaptics + input_devices_wacom +" +IUSE_VIDEO_CARDS=" + video_cards_amdgpu + video_cards_apm + video_cards_ast + video_cards_chips + video_cards_cirrus + video_cards_dummy + video_cards_epson + video_cards_fbdev + video_cards_freedreno + video_cards_geode + video_cards_glint + video_cards_i128 + video_cards_i740 + video_cards_intel + video_cards_mach64 + video_cards_mga + video_cards_neomagic + video_cards_nouveau + video_cards_nv + video_cards_omap + video_cards_omapfb + video_cards_qxl + video_cards_r128 + video_cards_radeon + video_cards_radeonsi + video_cards_rendition + video_cards_s3 + video_cards_s3virge + video_cards_savage + video_cards_siliconmotion + video_cards_sisusb + video_cards_sunbw2 + video_cards_suncg14 + video_cards_suncg3 + video_cards_suncg6 + video_cards_sunffb + video_cards_sunleo + video_cards_suntcx + video_cards_tdfx + video_cards_tegra + video_cards_tga + video_cards_trident + video_cards_tseng + video_cards_vesa + video_cards_via + video_cards_virtualbox + video_cards_vmware + video_cards_voodoo + video_cards_fglrx + video_cards_nvidia +" + +IUSE="${IUSE_VIDEO_CARDS} ${IUSE_INPUT_DEVICES}" + +PDEPEND=" + input_devices_acecad? ( x11-drivers/xf86-input-acecad ) + input_devices_aiptek? ( x11-drivers/xf86-input-aiptek ) + input_devices_elographics? ( x11-drivers/xf86-input-elographics ) + input_devices_evdev? ( x11-drivers/xf86-input-evdev ) + input_devices_fpit? ( x11-drivers/xf86-input-fpit ) + input_devices_hyperpen? ( x11-drivers/xf86-input-hyperpen ) + input_devices_joystick? ( x11-drivers/xf86-input-joystick ) + input_devices_keyboard? ( x11-drivers/xf86-input-keyboard ) + input_devices_libinput? ( x11-drivers/xf86-input-libinput ) + input_devices_mouse? ( x11-drivers/xf86-input-mouse ) + input_devices_mutouch? ( x11-drivers/xf86-input-mutouch ) + input_devices_penmount? ( x11-drivers/xf86-input-penmount ) + input_devices_tslib? ( x11-drivers/xf86-input-tslib ) + input_devices_vmmouse? ( x11-drivers/xf86-input-vmmouse ) + input_devices_void? ( x11-drivers/xf86-input-void ) + input_devices_synaptics? ( x11-drivers/xf86-input-synaptics ) + input_devices_wacom? ( x11-drivers/xf86-input-wacom ) + + video_cards_amdgpu? ( x11-drivers/xf86-video-amdgpu ) + video_cards_apm? ( x11-drivers/xf86-video-apm ) + video_cards_ast? ( x11-drivers/xf86-video-ast ) + video_cards_chips? ( x11-drivers/xf86-video-chips ) + video_cards_cirrus? ( x11-drivers/xf86-video-cirrus ) + video_cards_dummy? ( x11-drivers/xf86-video-dummy ) + video_cards_fbdev? ( x11-drivers/xf86-video-fbdev ) + video_cards_freedreno? ( x11-drivers/xf86-video-freedreno ) + video_cards_geode? ( x11-drivers/xf86-video-geode ) + video_cards_glint? ( x11-drivers/xf86-video-glint ) + video_cards_i128? ( x11-drivers/xf86-video-i128 ) + video_cards_i740? ( x11-drivers/xf86-video-i740 ) + video_cards_intel? ( x11-drivers/xf86-video-intel ) + video_cards_mach64? ( x11-drivers/xf86-video-mach64 ) + video_cards_mga? ( x11-drivers/xf86-video-mga ) + video_cards_neomagic? ( x11-drivers/xf86-video-neomagic ) + video_cards_nouveau? ( x11-drivers/xf86-video-nouveau ) + video_cards_nv? ( x11-drivers/xf86-video-nv ) + video_cards_omap? ( x11-drivers/xf86-video-omap ) + video_cards_omapfb? ( x11-drivers/xf86-video-omapfb ) + video_cards_qxl? ( x11-drivers/xf86-video-qxl ) + video_cards_nvidia? ( x11-drivers/nvidia-drivers ) + video_cards_fglrx? ( x11-drivers/ati-drivers ) + video_cards_r128? ( x11-drivers/xf86-video-r128 ) + video_cards_radeon? ( x11-drivers/xf86-video-ati ) + video_cards_radeonsi? ( x11-drivers/xf86-video-ati[glamor] ) + video_cards_rendition? ( x11-drivers/xf86-video-rendition ) + video_cards_s3? ( x11-drivers/xf86-video-s3 ) + video_cards_s3virge? ( x11-drivers/xf86-video-s3virge ) + video_cards_savage? ( x11-drivers/xf86-video-savage ) + video_cards_siliconmotion? ( x11-drivers/xf86-video-siliconmotion ) + video_cards_sisusb? ( x11-drivers/xf86-video-sisusb ) + video_cards_suncg14? ( x11-drivers/xf86-video-suncg14 ) + video_cards_suncg3? ( x11-drivers/xf86-video-suncg3 ) + video_cards_suncg6? ( x11-drivers/xf86-video-suncg6 ) + video_cards_sunffb? ( x11-drivers/xf86-video-sunffb ) + video_cards_sunleo? ( x11-drivers/xf86-video-sunleo ) + video_cards_suntcx? ( x11-drivers/xf86-video-suntcx ) + video_cards_tdfx? ( x11-drivers/xf86-video-tdfx ) + video_cards_tegra? ( x11-drivers/xf86-video-opentegra ) + video_cards_tga? ( x11-drivers/xf86-video-tga ) + video_cards_trident? ( x11-drivers/xf86-video-trident ) + video_cards_tseng? ( x11-drivers/xf86-video-tseng ) + video_cards_vesa? ( x11-drivers/xf86-video-vesa ) + video_cards_via? ( x11-drivers/xf86-video-openchrome ) + video_cards_virtualbox? ( x11-drivers/xf86-video-virtualbox ) + video_cards_vmware? ( x11-drivers/xf86-video-vmware ) + video_cards_voodoo? ( x11-drivers/xf86-video-voodoo ) + + !x11-drivers/xf86-input-citron + !x11-drivers/xf86-video-cyrix + !x11-drivers/xf86-video-impact + !x11-drivers/xf86-video-nsc + !x11-drivers/xf86-video-sunbw2 + !<=x11-drivers/xf86-video-ark-0.7.5 + !<=x11-drivers/xf86-video-newport-0.2.4 + !<=x11-drivers/xf86-video-sis-0.10.7 + !<=x11-drivers/xf86-video-v4l-0.2.0 + !<x11-drivers/xf86-input-evdev-2.10.0 + !<x11-drivers/xf86-video-ati-7.6.1 + !<x11-drivers/xf86-video-intel-2.99.917_p20160122 + !<x11-drivers/xf86-video-nouveau-1.0.12 +" diff --git a/x11-base/xorg-server/files/xdm-setup.initd-1 b/x11-base/xorg-server/files/xdm-setup.initd-1 new file mode 100644 index 0000000..917cd12 --- /dev/null +++ b/x11-base/xorg-server/files/xdm-setup.initd-1 @@ -0,0 +1,14 @@ +#!/sbin/openrc-run +# Copyright 1999-2009 Gentoo Foundation +# Distributed under the terms of the GNU General Public License v2 +# $Id$ + +depend() { + need localmount +} + +start() { + if get_bootparam "nox" ; then + touch /etc/.noxdm + fi +} diff --git a/x11-base/xorg-server/files/xdm.confd-4 b/x11-base/xorg-server/files/xdm.confd-4 new file mode 100644 index 0000000..c82fece --- /dev/null +++ b/x11-base/xorg-server/files/xdm.confd-4 @@ -0,0 +1,10 @@ +# We always try and start X on a static VT. The various DMs normally default +# to using VT7. If you wish to use the xdm init script, then you should ensure +# that the VT checked is the same VT your DM wants to use. We do this check to +# ensure that you haven't accidentally configured something to run on the VT +# in your /etc/inittab file so that you don't get a dead keyboard. +CHECKVT=7 + +# What display manager do you use ? [ xdm | gdm | kdm | gpe | entrance ] +# NOTE: If this is set in /etc/rc.conf, that setting will override this one. +DISPLAYMANAGER="xdm" diff --git a/x11-base/xorg-server/files/xdm.initd-11 b/x11-base/xorg-server/files/xdm.initd-11 new file mode 100644 index 0000000..70b81c0 --- /dev/null +++ b/x11-base/xorg-server/files/xdm.initd-11 @@ -0,0 +1,231 @@ +#!/sbin/openrc-run +# Copyright 1999-2014 Gentoo Foundation +# Distributed under the terms of the GNU General Public License, v2 +# $Id$ + +# This is here to serve as a note to myself, and future developers. +# +# Any Display manager (gdm,kdm,xdm) has the following problem: if +# it is started before any getty, and no vt is specified, it will +# usually run on vt2. When the getty on vt2 then starts, and the +# DM is already started, the getty will take control of the keyboard, +# leaving us with a "dead" keyboard. +# +# Resolution: add the following line to /etc/inittab +# +# x:a:once:/etc/X11/startDM.sh +# +# and have /etc/X11/startDM.sh start the DM in daemon mode if +# a lock is present (with the info of what DM should be started), +# else just fall through. +# +# How this basically works, is the "a" runlevel is a additional +# runlevel that you can use to fork processes with init, but the +# runlevel never gets changed to this runlevel. Along with the "a" +# runlevel, the "once" key word means that startDM.sh will only be +# run when we specify it to run, thus eliminating respawning +# startDM.sh when "xdm" is not added to the default runlevel, as was +# done previously. +# +# This script then just calls "telinit a", and init will run +# /etc/X11/startDM.sh after the current runlevel completes (this +# script should only be added to the actual runlevel the user is +# using). +# +# Martin Schlemmer +# aka Azarah +# 04 March 2002 + +depend() { + need localmount xdm-setup + + # this should start as early as possible + # we can't do 'before *' as that breaks it + # (#139824) Start after ypbind and autofs for network authentication + # (#145219 #180163) Could use lirc mouse as input device + # (#70689 comment #92) Start after consolefont to avoid display corruption + # (#291269) Start after quota, since some dm need readable home + # (#390609) gdm-3 will fail when dbus is not running + # (#366753) starting keymaps after X causes problems + after bootmisc consolefont modules netmount + after readahead-list ypbind autofs openvpn gpm lircmd + after quota keymaps + before alsasound + + # Start before X + use consolekit dbus xfs +} + +setup_dm() { + local MY_XDM + + MY_XDM=$(echo "${DISPLAYMANAGER}" | tr '[:upper:]' '[:lower:]') + + # Load our root path from profile.env + # Needed for kdm + PATH=${PATH}:$(. /etc/profile.env; echo "${ROOTPATH}") + + NAME= + case "${MY_XDM}" in + kdm|kde) + EXE=/usr/bin/kdm + PIDFILE=/run/kdm.pid + ;; + entrance*) + EXE=/usr/sbin/entrance + PIDFILE=/run/entrance.pid + ;; + gdm|gnome) + # gdm-3 and above has different paths + if [ -f /usr/sbin/gdm ]; then + EXE=/usr/sbin/gdm + PIDFILE=/run/gdm/gdm.pid + START_STOP_ARGS="--background" + AUTOCLEAN_CGROUP="yes" + else + EXE=/usr/bin/gdm + PIDFILE=/run/gdm.pid + fi + [ "${RC_UNAME}" != "Linux" ] && NAME=gdm-binary + ;; + wdm) + EXE=/usr/bin/wdm + PIDFILE= + ;; + gpe) + EXE=/usr/bin/gpe-dm + PIDFILE=/run/gpe-dm.pid + ;; + lxdm) + EXE=/usr/sbin/lxdm-binary + PIDFILE=/run/lxdm.pid + START_STOP_ARGS="--background" + ;; + lightdm) + EXE=/usr/sbin/lightdm + PIDFILE=/run/lightdm.pid + START_STOP_ARGS="--background" + ;; + sddm) + EXE="/usr/bin/sddm" + START_STOP_ARGS="-m --background" + PIDFILE=/run/sddm.pid + ;; + *) + # first find out if there is such executable + EXE="$(command -v ${MY_XDM} 2>/dev/null)" + PIDFILE="/run/${MY_XDM}.pid" + + # warn user that he is doing sick things if the exe was not found + if [ -z "${EXE}" ]; then + echo "ERROR: Your XDM value is invalid." + echo " No ${MY_XDM} executable could be found on your system." + fi + ;; + esac + + if ! [ -x "${EXE}" ]; then + EXE=/usr/bin/xdm + PIDFILE=/run/xdm.pid + if ! [ -x "/usr/bin/xdm" ]; then + echo "ERROR: Please set your DISPLAYMANAGER variable in /etc/conf.d/xdm," + echo " or install x11-apps/xdm package" + eend 255 + fi + fi +} + +# Check to see if something is defined on our VT +vtstatic() { + if [ -e /etc/inittab ] ; then + grep -Eq "^[^#]+.*\<tty$1\>" /etc/inittab + elif [ -e /etc/ttys ] ; then + grep -q "^ttyv$(($1 - 1))" /etc/ttys + else + return 1 + fi +} + +start() { + local EXE NAME PIDFILE AUTOCLEAN_CGROUP + setup_dm + + if [ -f /etc/.noxdm ]; then + einfo "Skipping ${EXE##*/}, /etc/.noxdm found or \"nox\" bootparam passed." + rm /etc/.noxdm + return 0 + fi + + ebegin "Setting up ${EXE##*/}" + + # save the prefered DM + save_options "service" "${EXE}" + save_options "name" "${NAME}" + save_options "pidfile" "${PIDFILE}" + save_options "start_stop_args" "${START_STOP_ARGS}" + save_options "autoclean_cgroup" "${AUTOCLEAN_CGROUP:-no}" + + if [ -n "${CHECKVT-y}" ] ; then + if vtstatic "${CHECKVT:-7}" ; then + if [ -x /sbin/telinit ] && [ "${SOFTLEVEL}" != "BOOT" ] && [ "${RC_SOFTLEVEL}" != "BOOT" ]; then + ewarn "Something is already defined on VT ${CHECKVT:-7}, will start X later" + telinit a >/dev/null 2>&1 + return 0 + else + eerror "Something is already defined on VT ${CHECKVT:-7}, not starting" + return 1 + fi + fi + fi + + /etc/X11/startDM.sh + eend 0 +} + +stop() { + local curvt retval + + retval=0 + if [ -t 0 ]; then + if type fgconsole >/dev/null 2>&1; then + curvt=$(fgconsole 2>/dev/null) + else + curvt=$(tty) + case "${curvt}" in + /dev/ttyv[0-9]*) curvt=${curvt#/dev/ttyv} ;; + *) curvt= ;; + esac + fi + fi + local myexe myname mypidfile myservice + myexe=$(get_options "service") + myname=$(get_options "name") + mypidfile=$(get_options "pidfile") + myservice=${myexe##*/} + yesno "${rc_cgroup_cleanup:-no}" || rc_cgroup_cleanup=$(get_options "autoclean_cgroup") + + [ -z "${myexe}" ] && return 0 + + ebegin "Stopping ${myservice}" + + if start-stop-daemon --quiet --test --stop --exec "${myexe}"; then + start-stop-daemon --stop --exec "${myexe}" --retry TERM/5/TERM/5 \ + ${mypidfile:+--pidfile} ${mypidfile} \ + ${myname:+--name} ${myname} + retval=${?} + fi + + # switch back to original vt + if [ -n "${curvt}" ]; then + if type chvt >/dev/null 2>&1; then + chvt "${curvt}" + else + vidcontrol -s "$((curvt + 1))" + fi + fi + + eend ${retval} "Error stopping ${myservice}" + return ${retval} +} + +# vim: set ts=4 : diff --git a/x11-base/xorg-server/files/xdm.initd-9 b/x11-base/xorg-server/files/xdm.initd-9 new file mode 100644 index 0000000..11b4f19 --- /dev/null +++ b/x11-base/xorg-server/files/xdm.initd-9 @@ -0,0 +1,216 @@ +#!/sbin/openrc-run +# Copyright 1999-2012 Gentoo Foundation +# Distributed under the terms of the GNU General Public License, v2 +# $Id$ + +# This is here to serve as a note to myself, and future developers. +# +# Any Display manager (gdm,kdm,xdm) has the following problem: if +# it is started before any getty, and no vt is specified, it will +# usually run on vt2. When the getty on vt2 then starts, and the +# DM is already started, the getty will take control of the keyboard, +# leaving us with a "dead" keyboard. +# +# Resolution: add the following line to /etc/inittab +# +# x:a:once:/etc/X11/startDM.sh +# +# and have /etc/X11/startDM.sh start the DM in daemon mode if +# a lock is present (with the info of what DM should be started), +# else just fall through. +# +# How this basically works, is the "a" runlevel is a additional +# runlevel that you can use to fork processes with init, but the +# runlevel never gets changed to this runlevel. Along with the "a" +# runlevel, the "once" key word means that startDM.sh will only be +# run when we specify it to run, thus eliminating respawning +# startDM.sh when "xdm" is not added to the default runlevel, as was +# done previously. +# +# This script then just calls "telinit a", and init will run +# /etc/X11/startDM.sh after the current runlevel completes (this +# script should only be added to the actual runlevel the user is +# using). +# +# Martin Schlemmer +# aka Azarah +# 04 March 2002 + +depend() { + need localmount xdm-setup + + # this should start as early as possible + # we can't do 'before *' as that breaks it + # (#139824) Start after ypbind and autofs for network authentication + # (#145219 #180163) Could use lirc mouse as input device + # (#70689 comment #92) Start after consolefont to avoid display corruption + # (#291269) Start after quota, since some dm need readable home + # (#390609) gdm-3 will fail when dbus is not running + # (#366753) starting keymaps after X causes problems + after bootmisc consolefont modules netmount + after readahead-list ypbind autofs openvpn gpm lircmd + after quota keymaps + before alsasound + + # Start before X + use consolekit dbus xfs +} + +setup_dm() { + local MY_XDM + + MY_XDM=$(echo "${DISPLAYMANAGER}" | tr '[:upper:]' '[:lower:]') + + # Load our root path from profile.env + # Needed for kdm + PATH=${PATH}:$(. /etc/profile.env; echo "${ROOTPATH}") + + NAME= + case "${MY_XDM}" in + kdm|kde) + EXE=/usr/bin/kdm + PIDFILE=/var/run/kdm.pid + ;; + entrance*) + EXE=/usr/sbin/entrance + PIDFILE=/var/run/entrance.pid + ;; + gdm|gnome) + EXE=/usr/bin/gdm + [ "${RC_UNAME}" != "Linux" ] && NAME=gdm-binary + PIDFILE=/var/run/gdm.pid + ;; + wdm) + EXE=/usr/bin/wdm + PIDFILE= + ;; + gpe) + EXE=/usr/bin/gpe-dm + PIDFILE=/var/run/gpe-dm.pid + ;; + lxdm) + EXE=/usr/sbin/lxdm-binary + PIDFILE=/var/run/lxdm.pid + START_STOP_ARGS="--background" + ;; + lightdm) + EXE=/usr/sbin/lightdm + PIDFILE=/var/run/lightdm.pid + START_STOP_ARGS="--background" + ;; + *) + # first find out if there is such executable + EXE="$(command -v ${MY_XDM} 2>/dev/null)" + PIDFILE="/var/run/${MY_XDM}.pid" + + # warn user that he is doing sick things if the exe was not found + if [ -z "${EXE}" ]; then + echo "ERROR: Your XDM value is invalid." + echo " No ${MY_XDM} executable could be found on your system." + fi + ;; + esac + + if ! [ -x "${EXE}" ]; then + EXE=/usr/bin/xdm + PIDFILE=/var/run/xdm.pid + if ! [ -x "/usr/bin/xdm" ]; then + echo "ERROR: Please set your DISPLAYMANAGER variable in /etc/conf.d/xdm," + echo " or install x11-apps/xdm package" + eend 255 + fi + fi +} + +# Check to see if something is defined on our VT +vtstatic() { + if [ -e /etc/inittab ] ; then + grep -Eq "^[^#]+.*\<tty$1\>" /etc/inittab + elif [ -e /etc/ttys ] ; then + grep -q "^ttyv$(($1 - 1))" /etc/ttys + else + return 1 + fi +} + +start() { + local EXE NAME PIDFILE + setup_dm + + if [ -f /etc/.noxdm ]; then + einfo "Skipping ${EXE##*/}, /etc/.noxdm found or \"nox\" bootparam passed." + rm /etc/.noxdm + return 0 + fi + + ebegin "Setting up ${EXE##*/}" + + # save the prefered DM + save_options "service" "${EXE}" + save_options "name" "${NAME}" + save_options "pidfile" "${PIDFILE}" + save_options "start_stop_args" "${START_STOP_ARGS}" + + if [ -n "${CHECKVT-y}" ] ; then + if vtstatic "${CHECKVT:-7}" ; then + if [ -x /sbin/telinit ] && [ "${SOFTLEVEL}" != "BOOT" ] && [ "${RC_SOFTLEVEL}" != "BOOT" ]; then + ewarn "Something is already defined on VT ${CHECKVT:-7}, will start X later" + telinit a >/dev/null 2>&1 + return 0 + else + eerror "Something is already defined on VT ${CHECKVT:-7}, not starting" + return 1 + fi + fi + fi + + /etc/X11/startDM.sh + eend 0 +} + +stop() { + local curvt retval + + retval=0 + if [ -t 0 ]; then + if type fgconsole >/dev/null 2>&1; then + curvt=$(fgconsole 2>/dev/null) + else + curvt=$(tty) + case "${curvt}" in + /dev/ttyv[0-9]*) curvt=${curvt#/dev/ttyv} ;; + *) curvt= ;; + esac + fi + fi + local myexe myname mypidfile myservice + myexe=$(get_options "service") + myname=$(get_options "name") + mypidfile=$(get_options "pidfile") + myservice=${myexe##*/} + + [ -z "${myexe}" ] && return 0 + + ebegin "Stopping ${myservice}" + + if start-stop-daemon --quiet --test --stop --exec "${myexe}"; then + start-stop-daemon --stop --exec "${myexe}" --retry TERM/5/TERM/5 \ + ${mypidfile:+--pidfile} ${mypidfile} \ + ${myname:+--name} ${myname} + retval=${?} + fi + + # switch back to original vt + if [ -n "${curvt}" ]; then + if type chvt >/dev/null 2>&1; then + chvt "${curvt}" + else + vidcontrol -s "$((curvt + 1))" + fi + fi + + eend ${retval} "Error stopping ${myservice}" + return ${retval} +} + +# vim: set ts=4 : diff --git a/x11-base/xorg-server/files/xorg-server-1.12-cve-2013-1940.patch b/x11-base/xorg-server/files/xorg-server-1.12-cve-2013-1940.patch new file mode 100644 index 0000000..d85494f --- /dev/null +++ b/x11-base/xorg-server/files/xorg-server-1.12-cve-2013-1940.patch @@ -0,0 +1,34 @@ +From 6ca03b9161d33b1d2b55a3a1a913cf88deb2343f Mon Sep 17 00:00:00 2001 +From: Dave Airlie <airlied@gmail.com> +Date: Wed, 10 Apr 2013 06:09:01 +0000 +Subject: xf86: fix flush input to work with Linux evdev devices. + +So when we VT switch back and attempt to flush the input devices, +we don't succeed because evdev won't return part of an event, +since we were only asking for 4 bytes, we'd only get -EINVAL back. + +This could later cause events to be flushed that we shouldn't have +gotten. + +This is a fix for CVE-2013-1940. + +Signed-off-by: Dave Airlie <airlied@redhat.com> +Reviewed-by: Peter Hutterer <peter.hutterer@who-t.net> +Signed-off-by: Peter Hutterer <peter.hutterer@who-t.net> +--- +diff --git a/hw/xfree86/os-support/shared/posix_tty.c b/hw/xfree86/os-support/shared/posix_tty.c +index ab3757a..4d08c1e 100644 +--- a/hw/xfree86/os-support/shared/posix_tty.c ++++ b/hw/xfree86/os-support/shared/posix_tty.c +@@ -421,7 +421,8 @@ xf86FlushInput(int fd) + { + fd_set fds; + struct timeval timeout; +- char c[4]; ++ /* this needs to be big enough to flush an evdev event. */ ++ char c[256]; + + DebugF("FlushingSerial\n"); + if (tcflush(fd, TCIFLUSH) == 0) +-- +cgit v0.9.0.2-2-gbebe diff --git a/x11-base/xorg-server/files/xorg-server-1.12-cve-2013-4396.patch b/x11-base/xorg-server/files/xorg-server-1.12-cve-2013-4396.patch new file mode 100644 index 0000000..4b6727e --- /dev/null +++ b/x11-base/xorg-server/files/xorg-server-1.12-cve-2013-4396.patch @@ -0,0 +1,75 @@ +From 7bddc2ba16a2a15773c2ea8947059afa27727764 Mon Sep 17 00:00:00 2001 +From: Alan Coopersmith <alan.coopersmith@oracle.com> +Date: Mon, 16 Sep 2013 21:47:16 -0700 +Subject: [PATCH] Avoid use-after-free in dix/dixfonts.c: doImageText() + [CVE-2013-4396] + +Save a pointer to the passed in closure structure before copying it +and overwriting the *c pointer to point to our copy instead of the +original. If we hit an error, once we free(c), reset c to point to +the original structure before jumping to the cleanup code that +references *c. + +Since one of the errors being checked for is whether the server was +able to malloc(c->nChars * itemSize), the client can potentially pass +a number of characters chosen to cause the malloc to fail and the +error path to be taken, resulting in the read from freed memory. + +Since the memory is accessed almost immediately afterwards, and the +X server is mostly single threaded, the odds of the free memory having +invalid contents are low with most malloc implementations when not using +memory debugging features, but some allocators will definitely overwrite +the memory there, leading to a likely crash. + +Reported-by: Pedro Ribeiro <pedrib@gmail.com> +Signed-off-by: Alan Coopersmith <alan.coopersmith@oracle.com> +Reviewed-by: Julien Cristau <jcristau@debian.org> +--- + dix/dixfonts.c | 5 +++++ + 1 file changed, 5 insertions(+) + +diff --git a/dix/dixfonts.c b/dix/dixfonts.c +index feb765d..2e34d37 100644 +--- a/dix/dixfonts.c ++++ b/dix/dixfonts.c +@@ -1425,6 +1425,7 @@ doImageText(ClientPtr client, ITclosurePtr c) + GC *pGC; + unsigned char *data; + ITclosurePtr new_closure; ++ ITclosurePtr old_closure; + + /* We're putting the client to sleep. We need to + save some state. Similar problem to that handled +@@ -1436,12 +1437,14 @@ doImageText(ClientPtr client, ITclosurePtr c) + err = BadAlloc; + goto bail; + } ++ old_closure = c; + *new_closure = *c; + c = new_closure; + + data = malloc(c->nChars * itemSize); + if (!data) { + free(c); ++ c = old_closure; + err = BadAlloc; + goto bail; + } +@@ -1452,6 +1455,7 @@ doImageText(ClientPtr client, ITclosurePtr c) + if (!pGC) { + free(c->data); + free(c); ++ c = old_closure; + err = BadAlloc; + goto bail; + } +@@ -1464,6 +1468,7 @@ doImageText(ClientPtr client, ITclosurePtr c) + FreeScratchGC(pGC); + free(c->data); + free(c); ++ c = old_closure; + err = BadAlloc; + goto bail; + } +-- +1.7.9.2 diff --git a/x11-base/xorg-server/files/xorg-server-1.12-cve-2015-3418.patch b/x11-base/xorg-server/files/xorg-server-1.12-cve-2015-3418.patch new file mode 100644 index 0000000..4b6a6ae --- /dev/null +++ b/x11-base/xorg-server/files/xorg-server-1.12-cve-2015-3418.patch @@ -0,0 +1,29 @@ +From dc777c346d5d452a53b13b917c45f6a1bad2f20b Mon Sep 17 00:00:00 2001 +From: Keith Packard <keithp@keithp.com> +Date: Sat, 3 Jan 2015 08:46:45 -0800 +Subject: dix: Allow zero-height PutImage requests + +The length checking code validates PutImage height and byte width by +making sure that byte-width >= INT32_MAX / height. If height is zero, +this generates a divide by zero exception. Allow zero height requests +explicitly, bypassing the INT32_MAX check. + +Signed-off-by: Keith Packard <keithp@keithp.com> +Reviewed-by: Alan Coopersmith <alan.coopersmith@oracle.com> + +diff --git a/dix/dispatch.c b/dix/dispatch.c +index 55b978d..9044ac7 100644 +--- a/dix/dispatch.c ++++ b/dix/dispatch.c +@@ -2000,7 +2000,7 @@ ProcPutImage(ClientPtr client) + tmpImage = (char *) &stuff[1]; + lengthProto = length; + +- if (lengthProto >= (INT32_MAX / stuff->height)) ++ if (stuff->height != 0 && lengthProto >= (INT32_MAX / stuff->height)) + return BadLength; + + if ((bytes_to_int32(lengthProto * stuff->height) + +-- +cgit v0.10.2 + diff --git a/x11-base/xorg-server/files/xorg-server-1.12-disable-acpi.patch b/x11-base/xorg-server/files/xorg-server-1.12-disable-acpi.patch new file mode 100644 index 0000000..df43dbd --- /dev/null +++ b/x11-base/xorg-server/files/xorg-server-1.12-disable-acpi.patch @@ -0,0 +1,11 @@ +diff -ur a/configure.ac b/configure.ac +--- a/configure.ac 2011-10-31 19:40:02.000000000 +0100 ++++ b/configure.ac 2011-10-31 19:41:02.372745481 +0100 +@@ -1624,7 +1624,6 @@ + linux_alpha=yes + ;; + i*86|amd64*|x86_64*|ia64*) +- linux_acpi="yes" + ;; + *) + ;; diff --git a/x11-base/xorg-server/files/xorg-server-1.12-ia64-fix_inx_outx.patch b/x11-base/xorg-server/files/xorg-server-1.12-ia64-fix_inx_outx.patch new file mode 100644 index 0000000..24a5a02 --- /dev/null +++ b/x11-base/xorg-server/files/xorg-server-1.12-ia64-fix_inx_outx.patch @@ -0,0 +1,60 @@ +diff -r --context xorg-server-1.12.3/hw/xfree86/common/compiler.h xorg-server-1.12.3-fix/hw/xfree86/common/compiler.h +*** xorg-server-1.12.3/hw/xfree86/common/compiler.h 2012-07-06 07:17:19.000000000 +0200 +--- xorg-server-1.12.3-fix/hw/xfree86/common/compiler.h 2012-08-29 00:14:39.000000000 +0200 +*************** +*** 421,426 **** +--- 421,474 ---- + #include <machine/pio.h> + #endif /* __NetBSD__ */ + ++ #elif defined(linux) && defined(__ia64__) ++ /* for Linux on ia64, we use the LIBC _inx/_outx routines */ ++ /* note that the appropriate setup via "ioperm" needs to be done */ ++ /* *before* any inx/outx is done. */ ++ ++ extern _X_EXPORT void _outb(unsigned char val, unsigned long port); ++ extern _X_EXPORT void _outw(unsigned short val, unsigned long port); ++ extern _X_EXPORT void _outl(unsigned int val, unsigned long port); ++ extern _X_EXPORT unsigned int _inb(unsigned long port); ++ extern _X_EXPORT unsigned int _inw(unsigned long port); ++ extern _X_EXPORT unsigned int _inl(unsigned long port); ++ ++ static __inline__ void ++ outb(unsigned long port, unsigned char val) ++ { ++ _outb(val, port); ++ } ++ ++ static __inline__ void ++ outw(unsigned long port, unsigned short val) ++ { ++ _outw(val, port); ++ } ++ ++ static __inline__ void ++ outl(unsigned long port, unsigned int val) ++ { ++ _outl(val, port); ++ } ++ ++ static __inline__ unsigned int ++ inb(unsigned long port) ++ { ++ return _inb(port); ++ } ++ ++ static __inline__ unsigned int ++ inw(unsigned long port) ++ { ++ return _inw(port); ++ } ++ ++ static __inline__ unsigned int ++ inl(unsigned long port) ++ { ++ return _inl(port); ++ } ++ + #elif (defined(linux) || defined(__FreeBSD__)) && defined(__amd64__) + + #include <inttypes.h> diff --git a/x11-base/xorg-server/files/xorg-server-1.12-unloadsubmodule.patch b/x11-base/xorg-server/files/xorg-server-1.12-unloadsubmodule.patch new file mode 100644 index 0000000..57c7349 --- /dev/null +++ b/x11-base/xorg-server/files/xorg-server-1.12-unloadsubmodule.patch @@ -0,0 +1,53 @@ +diff -u13 -r xorg-server-1.12.3-old/hw/xfree86/loader/loadmod.c xorg-server-1.12.3/hw/xfree86/loader/loadmod.c +--- xorg-server-1.12.3-old/hw/xfree86/loader/loadmod.c 2012-09-05 18:26:42.000000000 +0200 ++++ xorg-server-1.12.3/hw/xfree86/loader/loadmod.c 2012-09-05 18:28:54.000000000 +0200 +@@ -1109,39 +1109,38 @@ + static void + RemoveChild(ModuleDescPtr child) + { + ModuleDescPtr mdp; + ModuleDescPtr prevsib; + ModuleDescPtr parent; + + if (!child->parent) + return; + + parent = child->parent; + if (parent->child == child) { + parent->child = child->sib; +- return; +- } +- +- prevsib = parent->child; +- mdp = prevsib->sib; +- while (mdp && mdp != child) { +- prevsib = mdp; +- mdp = mdp->sib; ++ } ++ else { ++ prevsib = parent->child; ++ mdp = prevsib->sib; ++ while (mdp && mdp != child) { ++ prevsib = mdp; ++ mdp = mdp->sib; ++ } ++ if (mdp == child) ++ prevsib->sib = child->sib; + } +- if (mdp == child) +- prevsib->sib = child->sib; + child->sib = NULL; +- return; + } + + void + LoaderErrorMsg(const char *name, const char *modname, int errmaj, int errmin) + { + const char *msg; + MessageType type = X_ERROR; + + switch (errmaj) { + case LDR_NOERROR: + msg = "no error"; + break; + case LDR_NOMEM: diff --git a/x11-base/xorg-server/files/xorg-server-1.17-cve-2015-0255-0.patch b/x11-base/xorg-server/files/xorg-server-1.17-cve-2015-0255-0.patch new file mode 100644 index 0000000..9540e31 --- /dev/null +++ b/x11-base/xorg-server/files/xorg-server-1.17-cve-2015-0255-0.patch @@ -0,0 +1,102 @@ +From 81c90dc8f0aae3b65730409b1b615b5fa7280ebd Mon Sep 17 00:00:00 2001 +From: Olivier Fourdan <ofourdan@redhat.com> +Date: Fri, 16 Jan 2015 20:08:59 +0100 +Subject: xkb: Don't swap XkbSetGeometry data in the input buffer + +The XkbSetGeometry request embeds data which needs to be swapped when the +server and the client have different endianess. + +_XkbSetGeometry() invokes functions that swap these data directly in the +input buffer. + +However, ProcXkbSetGeometry() may call _XkbSetGeometry() more than once +(if there is more than one keyboard), thus causing on swapped clients the +same data to be swapped twice in memory, further causing a server crash +because the strings lengths on the second time are way off bounds. + +To allow _XkbSetGeometry() to run reliably more than once with swapped +clients, do not swap the data in the buffer, use variables instead. + +Signed-off-by: Olivier Fourdan <ofourdan@redhat.com> +Signed-off-by: Peter Hutterer <peter.hutterer@who-t.net> + +diff --git a/xkb/xkb.c b/xkb/xkb.c +index 15c7f34..b9a3ac4 100644 +--- a/xkb/xkb.c ++++ b/xkb/xkb.c +@@ -4961,14 +4961,13 @@ static char * + _GetCountedString(char **wire_inout, Bool swap) + { + char *wire, *str; +- CARD16 len, *plen; ++ CARD16 len; + + wire = *wire_inout; +- plen = (CARD16 *) wire; ++ len = *(CARD16 *) wire; + if (swap) { +- swaps(plen); ++ swaps(&len); + } +- len = *plen; + str = malloc(len + 1); + if (str) { + memcpy(str, &wire[2], len); +@@ -4985,25 +4984,28 @@ _CheckSetDoodad(char **wire_inout, + { + char *wire; + xkbDoodadWireDesc *dWire; ++ xkbAnyDoodadWireDesc any; ++ xkbTextDoodadWireDesc text; + XkbDoodadPtr doodad; + + dWire = (xkbDoodadWireDesc *) (*wire_inout); ++ any = dWire->any; + wire = (char *) &dWire[1]; + if (client->swapped) { +- swapl(&dWire->any.name); +- swaps(&dWire->any.top); +- swaps(&dWire->any.left); +- swaps(&dWire->any.angle); ++ swapl(&any.name); ++ swaps(&any.top); ++ swaps(&any.left); ++ swaps(&any.angle); + } + CHK_ATOM_ONLY(dWire->any.name); +- doodad = XkbAddGeomDoodad(geom, section, dWire->any.name); ++ doodad = XkbAddGeomDoodad(geom, section, any.name); + if (!doodad) + return BadAlloc; + doodad->any.type = dWire->any.type; + doodad->any.priority = dWire->any.priority; +- doodad->any.top = dWire->any.top; +- doodad->any.left = dWire->any.left; +- doodad->any.angle = dWire->any.angle; ++ doodad->any.top = any.top; ++ doodad->any.left = any.left; ++ doodad->any.angle = any.angle; + switch (doodad->any.type) { + case XkbOutlineDoodad: + case XkbSolidDoodad: +@@ -5026,12 +5028,13 @@ _CheckSetDoodad(char **wire_inout, + dWire->text.colorNdx); + return BadMatch; + } ++ text = dWire->text; + if (client->swapped) { +- swaps(&dWire->text.width); +- swaps(&dWire->text.height); ++ swaps(&text.width); ++ swaps(&text.height); + } +- doodad->text.width = dWire->text.width; +- doodad->text.height = dWire->text.height; ++ doodad->text.width = text.width; ++ doodad->text.height = text.height; + doodad->text.color_ndx = dWire->text.colorNdx; + doodad->text.text = _GetCountedString(&wire, client->swapped); + doodad->text.font = _GetCountedString(&wire, client->swapped); +-- +cgit v0.10.2 + diff --git a/x11-base/xorg-server/files/xorg-server-1.17-cve-2015-0255-1.patch b/x11-base/xorg-server/files/xorg-server-1.17-cve-2015-0255-1.patch new file mode 100644 index 0000000..be131c2 --- /dev/null +++ b/x11-base/xorg-server/files/xorg-server-1.17-cve-2015-0255-1.patch @@ -0,0 +1,138 @@ +From 20079c36cf7d377938ca5478447d8b9045cb7d43 Mon Sep 17 00:00:00 2001 +From: Olivier Fourdan <ofourdan@redhat.com> +Date: Fri, 16 Jan 2015 08:44:45 +0100 +Subject: xkb: Check strings length against request size + +Ensure that the given strings length in an XkbSetGeometry request remain +within the limits of the size of the request. + +Signed-off-by: Olivier Fourdan <ofourdan@redhat.com> +Reviewed-by: Peter Hutterer <peter.hutterer@who-t.net> +Signed-off-by: Peter Hutterer <peter.hutterer@who-t.net> + +diff --git a/xkb/xkb.c b/xkb/xkb.c +index b9a3ac4..f3988f9 100644 +--- a/xkb/xkb.c ++++ b/xkb/xkb.c +@@ -4957,25 +4957,29 @@ ProcXkbGetGeometry(ClientPtr client) + + /***====================================================================***/ + +-static char * +-_GetCountedString(char **wire_inout, Bool swap) ++static Status ++_GetCountedString(char **wire_inout, ClientPtr client, char **str) + { +- char *wire, *str; ++ char *wire, *next; + CARD16 len; + + wire = *wire_inout; + len = *(CARD16 *) wire; +- if (swap) { ++ if (client->swapped) { + swaps(&len); + } +- str = malloc(len + 1); +- if (str) { +- memcpy(str, &wire[2], len); +- str[len] = '\0'; +- } +- wire += XkbPaddedSize(len + 2); +- *wire_inout = wire; +- return str; ++ next = wire + XkbPaddedSize(len + 2); ++ /* Check we're still within the size of the request */ ++ if (client->req_len < ++ bytes_to_int32(next - (char *) client->requestBuffer)) ++ return BadValue; ++ *str = malloc(len + 1); ++ if (!*str) ++ return BadAlloc; ++ memcpy(*str, &wire[2], len); ++ *(*str + len) = '\0'; ++ *wire_inout = next; ++ return Success; + } + + static Status +@@ -4987,6 +4991,7 @@ _CheckSetDoodad(char **wire_inout, + xkbAnyDoodadWireDesc any; + xkbTextDoodadWireDesc text; + XkbDoodadPtr doodad; ++ Status status; + + dWire = (xkbDoodadWireDesc *) (*wire_inout); + any = dWire->any; +@@ -5036,8 +5041,14 @@ _CheckSetDoodad(char **wire_inout, + doodad->text.width = text.width; + doodad->text.height = text.height; + doodad->text.color_ndx = dWire->text.colorNdx; +- doodad->text.text = _GetCountedString(&wire, client->swapped); +- doodad->text.font = _GetCountedString(&wire, client->swapped); ++ status = _GetCountedString(&wire, client, &doodad->text.text); ++ if (status != Success) ++ return status; ++ status = _GetCountedString(&wire, client, &doodad->text.font); ++ if (status != Success) { ++ free (doodad->text.text); ++ return status; ++ } + break; + case XkbIndicatorDoodad: + if (dWire->indicator.onColorNdx >= geom->num_colors) { +@@ -5072,7 +5083,9 @@ _CheckSetDoodad(char **wire_inout, + } + doodad->logo.color_ndx = dWire->logo.colorNdx; + doodad->logo.shape_ndx = dWire->logo.shapeNdx; +- doodad->logo.logo_name = _GetCountedString(&wire, client->swapped); ++ status = _GetCountedString(&wire, client, &doodad->logo.logo_name); ++ if (status != Success) ++ return status; + break; + default: + client->errorValue = _XkbErrCode2(0x4F, dWire->any.type); +@@ -5304,18 +5317,20 @@ _CheckSetGeom(XkbGeometryPtr geom, xkbSetGeometryReq * req, ClientPtr client) + char *wire; + + wire = (char *) &req[1]; +- geom->label_font = _GetCountedString(&wire, client->swapped); ++ status = _GetCountedString(&wire, client, &geom->label_font); ++ if (status != Success) ++ return status; + + for (i = 0; i < req->nProperties; i++) { + char *name, *val; + +- name = _GetCountedString(&wire, client->swapped); +- if (!name) +- return BadAlloc; +- val = _GetCountedString(&wire, client->swapped); +- if (!val) { ++ status = _GetCountedString(&wire, client, &name); ++ if (status != Success) ++ return status; ++ status = _GetCountedString(&wire, client, &val); ++ if (status != Success) { + free(name); +- return BadAlloc; ++ return status; + } + if (XkbAddGeomProperty(geom, name, val) == NULL) { + free(name); +@@ -5349,9 +5364,9 @@ _CheckSetGeom(XkbGeometryPtr geom, xkbSetGeometryReq * req, ClientPtr client) + for (i = 0; i < req->nColors; i++) { + char *name; + +- name = _GetCountedString(&wire, client->swapped); +- if (!name) +- return BadAlloc; ++ status = _GetCountedString(&wire, client, &name); ++ if (status != Success) ++ return status; + if (!XkbAddGeomColor(geom, name, geom->num_colors)) { + free(name); + return BadAlloc; +-- +cgit v0.10.2 + diff --git a/x11-base/xorg-server/files/xorg-server-1.17-cve-2015-3164-1.patch b/x11-base/xorg-server/files/xorg-server-1.17-cve-2015-3164-1.patch new file mode 100644 index 0000000..a9f8030 --- /dev/null +++ b/x11-base/xorg-server/files/xorg-server-1.17-cve-2015-3164-1.patch @@ -0,0 +1,33 @@ +From c4534a38b68aa07fb82318040dc8154fb48a9588 Mon Sep 17 00:00:00 2001 +From: Ray Strode <rstrode@redhat.com> +Date: Tue, 5 May 2015 16:43:42 -0400 +Subject: xwayland: Enable access control on open sockets [CVE-2015-3164 1/3] + +Xwayland currently allows wide-open access to the X sockets +it listens on, ignoring Xauth access control. + +This commit makes sure to enable access control on the sockets, +so one user can't snoop on another user's X-over-wayland +applications. + +Signed-off-by: Ray Strode <rstrode@redhat.com> +Reviewed-by: Daniel Stone <daniels@collabora.com> +Reviewed-by: Alan Coopersmith <alan.coopersmith@oracle.com> +Signed-off-by: Keith Packard <keithp@keithp.com> + +diff --git a/hw/xwayland/xwayland.c b/hw/xwayland/xwayland.c +index 7e8d667..c5bee77 100644 +--- a/hw/xwayland/xwayland.c ++++ b/hw/xwayland/xwayland.c +@@ -483,7 +483,7 @@ listen_on_fds(struct xwl_screen *xwl_screen) + int i; + + for (i = 0; i < xwl_screen->listen_fd_count; i++) +- ListenOnOpenFD(xwl_screen->listen_fds[i], TRUE); ++ ListenOnOpenFD(xwl_screen->listen_fds[i], FALSE); + } + + static void +-- +cgit v0.10.2 + diff --git a/x11-base/xorg-server/files/xorg-server-1.17-cve-2015-3164-2.patch b/x11-base/xorg-server/files/xorg-server-1.17-cve-2015-3164-2.patch new file mode 100644 index 0000000..47b323f --- /dev/null +++ b/x11-base/xorg-server/files/xorg-server-1.17-cve-2015-3164-2.patch @@ -0,0 +1,246 @@ +From 4b4b9086d02b80549981d205fb1f495edc373538 Mon Sep 17 00:00:00 2001 +From: Ray Strode <rstrode@redhat.com> +Date: Tue, 5 May 2015 16:43:43 -0400 +Subject: os: support new implicit local user access mode [CVE-2015-3164 2/3] + +If the X server is started without a '-auth' argument, then +it gets started wide open to all local users on the system. + +This isn't a great default access model, but changing it in +Xorg at this point would break backward compatibility. + +Xwayland, on the other hand is new, and much more targeted +in scope. It could, in theory, be changed to allow the much +more secure default of a "user who started X server can connect +clients to that server." + +This commit paves the way for that change, by adding a mechanism +for DDXs to opt-in to that behavior. They merely need to call + +LocalAccessScopeUser() + +in their init functions. + +A subsequent commit will add that call for Xwayland. + +Signed-off-by: Ray Strode <rstrode@redhat.com> +Reviewed-by: Daniel Stone <daniels@collabora.com> +Reviewed-by: Alan Coopersmith <alan.coopersmith@oracle.com> +Signed-off-by: Keith Packard <keithp@keithp.com> + +diff --git a/include/os.h b/include/os.h +index 6638c84..b2b96c8 100644 +--- a/include/os.h ++++ b/include/os.h +@@ -431,11 +431,28 @@ extern _X_EXPORT void + ResetHosts(const char *display); + + extern _X_EXPORT void ++EnableLocalAccess(void); ++ ++extern _X_EXPORT void ++DisableLocalAccess(void); ++ ++extern _X_EXPORT void + EnableLocalHost(void); + + extern _X_EXPORT void + DisableLocalHost(void); + ++#ifndef NO_LOCAL_CLIENT_CRED ++extern _X_EXPORT void ++EnableLocalUser(void); ++ ++extern _X_EXPORT void ++DisableLocalUser(void); ++ ++extern _X_EXPORT void ++LocalAccessScopeUser(void); ++#endif ++ + extern _X_EXPORT void + AccessUsingXdmcp(void); + +diff --git a/os/access.c b/os/access.c +index 8fa028e..75e7a69 100644 +--- a/os/access.c ++++ b/os/access.c +@@ -102,6 +102,10 @@ SOFTWARE. + #include <sys/ioctl.h> + #include <ctype.h> + ++#ifndef NO_LOCAL_CLIENT_CRED ++#include <pwd.h> ++#endif ++ + #if defined(TCPCONN) || defined(STREAMSCONN) + #include <netinet/in.h> + #endif /* TCPCONN || STREAMSCONN */ +@@ -225,6 +229,13 @@ static int LocalHostEnabled = FALSE; + static int LocalHostRequested = FALSE; + static int UsingXdmcp = FALSE; + ++static enum { ++ LOCAL_ACCESS_SCOPE_HOST = 0, ++#ifndef NO_LOCAL_CLIENT_CRED ++ LOCAL_ACCESS_SCOPE_USER, ++#endif ++} LocalAccessScope; ++ + /* FamilyServerInterpreted implementation */ + static Bool siAddrMatch(int family, void *addr, int len, HOST * host, + ClientPtr client); +@@ -237,6 +248,21 @@ static void siTypesInitialize(void); + */ + + void ++EnableLocalAccess(void) ++{ ++ switch (LocalAccessScope) { ++ case LOCAL_ACCESS_SCOPE_HOST: ++ EnableLocalHost(); ++ break; ++#ifndef NO_LOCAL_CLIENT_CRED ++ case LOCAL_ACCESS_SCOPE_USER: ++ EnableLocalUser(); ++ break; ++#endif ++ } ++} ++ ++void + EnableLocalHost(void) + { + if (!UsingXdmcp) { +@@ -249,6 +275,21 @@ EnableLocalHost(void) + * called when authorization is enabled to keep us secure + */ + void ++DisableLocalAccess(void) ++{ ++ switch (LocalAccessScope) { ++ case LOCAL_ACCESS_SCOPE_HOST: ++ DisableLocalHost(); ++ break; ++#ifndef NO_LOCAL_CLIENT_CRED ++ case LOCAL_ACCESS_SCOPE_USER: ++ DisableLocalUser(); ++ break; ++#endif ++ } ++} ++ ++void + DisableLocalHost(void) + { + HOST *self; +@@ -262,6 +303,74 @@ DisableLocalHost(void) + } + } + ++#ifndef NO_LOCAL_CLIENT_CRED ++static int GetLocalUserAddr(char **addr) ++{ ++ static const char *type = "localuser"; ++ static const char delimiter = '\0'; ++ static const char *value; ++ struct passwd *pw; ++ int length = -1; ++ ++ pw = getpwuid(getuid()); ++ ++ if (pw == NULL || pw->pw_name == NULL) ++ goto out; ++ ++ value = pw->pw_name; ++ ++ length = asprintf(addr, "%s%c%s", type, delimiter, value); ++ ++ if (length == -1) { ++ goto out; ++ } ++ ++ /* Trailing NUL */ ++ length++; ++ ++out: ++ return length; ++} ++ ++void ++EnableLocalUser(void) ++{ ++ char *addr = NULL; ++ int length = -1; ++ ++ length = GetLocalUserAddr(&addr); ++ ++ if (length == -1) ++ return; ++ ++ NewHost(FamilyServerInterpreted, addr, length, TRUE); ++ ++ free(addr); ++} ++ ++void ++DisableLocalUser(void) ++{ ++ char *addr = NULL; ++ int length = -1; ++ ++ length = GetLocalUserAddr(&addr); ++ ++ if (length == -1) ++ return; ++ ++ RemoveHost(NULL, FamilyServerInterpreted, length, addr); ++ ++ free(addr); ++} ++ ++void ++LocalAccessScopeUser(void) ++{ ++ LocalAccessScope = LOCAL_ACCESS_SCOPE_USER; ++} ++#endif ++ + /* + * called at init time when XDMCP will be used; xdmcp always + * adds local hosts manually when needed +diff --git a/os/auth.c b/os/auth.c +index 5fcb538..7da6fc6 100644 +--- a/os/auth.c ++++ b/os/auth.c +@@ -181,11 +181,11 @@ CheckAuthorization(unsigned int name_length, + + /* + * If the authorization file has at least one entry for this server, +- * disable local host access. (loadauth > 0) ++ * disable local access. (loadauth > 0) + * + * If there are zero entries (either initially or when the + * authorization file is later reloaded), or if a valid +- * authorization file was never loaded, enable local host access. ++ * authorization file was never loaded, enable local access. + * (loadauth == 0 || !loaded) + * + * If the authorization file was loaded initially (with valid +@@ -194,11 +194,11 @@ CheckAuthorization(unsigned int name_length, + */ + + if (loadauth > 0) { +- DisableLocalHost(); /* got at least one */ ++ DisableLocalAccess(); /* got at least one */ + loaded = TRUE; + } + else if (loadauth == 0 || !loaded) +- EnableLocalHost(); ++ EnableLocalAccess(); + } + if (name_length) { + for (i = 0; i < NUM_AUTHORIZATION; i++) { +-- +cgit v0.10.2 + diff --git a/x11-base/xorg-server/files/xorg-server-1.17-cve-2015-3164-3.patch b/x11-base/xorg-server/files/xorg-server-1.17-cve-2015-3164-3.patch new file mode 100644 index 0000000..7e8f173 --- /dev/null +++ b/x11-base/xorg-server/files/xorg-server-1.17-cve-2015-3164-3.patch @@ -0,0 +1,34 @@ +From 76636ac12f2d1dbdf7be08222f80e7505d53c451 Mon Sep 17 00:00:00 2001 +From: Ray Strode <rstrode@redhat.com> +Date: Tue, 5 May 2015 16:43:44 -0400 +Subject: xwayland: default to local user if no xauth file given. + [CVE-2015-3164 3/3] + +Right now if "-auth" isn't passed on the command line, we let +any user on the system connect to the Xwayland server. + +That's clearly suboptimal, given Xwayland is generally designed +to be used by one user at a time. + +This commit changes the behavior, so only the user who started the +X server can connect clients to it. + +Signed-off-by: Ray Strode <rstrode@redhat.com> +Reviewed-by: Daniel Stone <daniels@collabora.com> +Reviewed-by: Alan Coopersmith <alan.coopersmith@oracle.com> +Signed-off-by: Keith Packard <keithp@keithp.com> + +diff --git a/hw/xwayland/xwayland.c b/hw/xwayland/xwayland.c +index c5bee77..bc92beb 100644 +--- a/hw/xwayland/xwayland.c ++++ b/hw/xwayland/xwayland.c +@@ -702,4 +702,6 @@ InitOutput(ScreenInfo * screen_info, int argc, char **argv) + if (AddScreen(xwl_screen_init, argc, argv) == -1) { + FatalError("Couldn't add screen\n"); + } ++ ++ LocalAccessScopeUser(); + } +-- +cgit v0.10.2 + diff --git a/x11-base/xorg-server/files/xorg-server-1.17-ia64-fix_inx_outx.patch b/x11-base/xorg-server/files/xorg-server-1.17-ia64-fix_inx_outx.patch new file mode 100644 index 0000000..84485c9 --- /dev/null +++ b/x11-base/xorg-server/files/xorg-server-1.17-ia64-fix_inx_outx.patch @@ -0,0 +1,59 @@ +diff --git a/hw/xfree86/common/compiler.h b/hw/xfree86/common/compiler.h +index 1653574..fe881ee 100644 +--- a/hw/xfree86/common/compiler.h ++++ b/hw/xfree86/common/compiler.h +@@ -286,6 +286,54 @@ extern _X_EXPORT unsigned int inl(unsigned int port); + #include <machine/pio.h> + #endif /* __NetBSD__ */ + ++#elif defined(linux) && defined(__ia64__) ++/* for Linux on ia64, we use the LIBC _inx/_outx routines */ ++/* note that the appropriate setup via "ioperm" needs to be done */ ++/* *before* any inx/outx is done. */ ++ ++extern _X_EXPORT void _outb(unsigned char val, unsigned long port); ++extern _X_EXPORT void _outw(unsigned short val, unsigned long port); ++extern _X_EXPORT void _outl(unsigned int val, unsigned long port); ++extern _X_EXPORT unsigned int _inb(unsigned long port); ++extern _X_EXPORT unsigned int _inw(unsigned long port); ++extern _X_EXPORT unsigned int _inl(unsigned long port); ++ ++static __inline__ void ++outb(unsigned long port, unsigned char val) ++{ ++ _outb(val, port); ++} ++ ++static __inline__ void ++outw(unsigned long port, unsigned short val) ++{ ++ _outw(val, port); ++} ++ ++static __inline__ void ++outl(unsigned long port, unsigned int val) ++{ ++ _outl(val, port); ++} ++ ++static __inline__ unsigned int ++inb(unsigned long port) ++{ ++ return _inb(port); ++} ++ ++static __inline__ unsigned int ++inw(unsigned long port) ++{ ++ return _inw(port); ++} ++ ++static __inline__ unsigned int ++inl(unsigned long port) ++{ ++ return _inl(port); ++} ++ + #elif defined(__amd64__) + + #include <inttypes.h> diff --git a/x11-base/xorg-server/files/xorg-server-1.17-support-multiple-Files-sections.patch b/x11-base/xorg-server/files/xorg-server-1.17-support-multiple-Files-sections.patch new file mode 100644 index 0000000..789a118 --- /dev/null +++ b/x11-base/xorg-server/files/xorg-server-1.17-support-multiple-Files-sections.patch @@ -0,0 +1,65 @@ +From a140d7ce3f37f30b4fed27c5a70ebcc4ed13c612 Mon Sep 17 00:00:00 2001 +From: =?UTF-8?q?Micha=C5=82=20G=C3=B3rny?= <mgorny@gentoo.org> +Date: Tue, 24 Feb 2015 12:57:24 +0100 +Subject: [PATCH] config: Support multiple 'Files' sections + +--- + hw/xfree86/parser/Files.c | 8 ++++++-- + hw/xfree86/parser/configProcs.h | 2 +- + hw/xfree86/parser/read.c | 2 +- + 3 files changed, 8 insertions(+), 4 deletions(-) + +diff --git a/hw/xfree86/parser/Files.c b/hw/xfree86/parser/Files.c +index 849bf92..5cc3ec7 100644 +--- a/hw/xfree86/parser/Files.c ++++ b/hw/xfree86/parser/Files.c +@@ -76,14 +76,18 @@ static xf86ConfigSymTabRec FilesTab[] = { + #define CLEANUP xf86freeFiles + + XF86ConfFilesPtr +-xf86parseFilesSection(void) ++xf86parseFilesSection(XF86ConfFilesPtr ptr) + { + int i, j; + int k, l; + char *str; + int token; + +- parsePrologue(XF86ConfFilesPtr, XF86ConfFilesRec) ++ if (!ptr) { ++ if( (ptr=calloc(1,sizeof(XF86ConfFilesRec))) == NULL ) { ++ return NULL; ++ } ++ } + + while ((token = xf86getToken(FilesTab)) != ENDSECTION) { + switch (token) { +diff --git a/hw/xfree86/parser/configProcs.h b/hw/xfree86/parser/configProcs.h +index 774e2a2..b9fdebb 100644 +--- a/hw/xfree86/parser/configProcs.h ++++ b/hw/xfree86/parser/configProcs.h +@@ -37,7 +37,7 @@ void xf86freeDeviceList(XF86ConfDevicePtr ptr); + int xf86validateDevice(XF86ConfigPtr p); + + /* Files.c */ +-XF86ConfFilesPtr xf86parseFilesSection(void); ++XF86ConfFilesPtr xf86parseFilesSection(XF86ConfFilesPtr ptr); + void xf86printFileSection(FILE * cf, XF86ConfFilesPtr ptr); + void xf86freeFiles(XF86ConfFilesPtr p); + +diff --git a/hw/xfree86/parser/read.c b/hw/xfree86/parser/read.c +index 327c02a..e0d6139 100644 +--- a/hw/xfree86/parser/read.c ++++ b/hw/xfree86/parser/read.c +@@ -110,7 +110,7 @@ xf86readConfigFile(void) + if (xf86nameCompare(xf86_lex_val.str, "files") == 0) { + free(xf86_lex_val.str); + xf86_lex_val.str = NULL; +- HANDLE_RETURN(conf_files, xf86parseFilesSection()); ++ HANDLE_RETURN(conf_files, xf86parseFilesSection(ptr->conf_files)); + } + else if (xf86nameCompare(xf86_lex_val.str, "serverflags") == 0) { + free(xf86_lex_val.str); +-- +2.3.0 + diff --git a/x11-base/xorg-server/files/xorg-server-1.17.2-uninit-clientsWritable.patch b/x11-base/xorg-server/files/xorg-server-1.17.2-uninit-clientsWritable.patch new file mode 100644 index 0000000..6818196 --- /dev/null +++ b/x11-base/xorg-server/files/xorg-server-1.17.2-uninit-clientsWritable.patch @@ -0,0 +1,65 @@ +https://bugs.gentoo.org/show_bug.cgi?id=555776 + +From 7cc7ffd25d5e50b54cb942d07d4cb160f20ff9c5 Mon Sep 17 00:00:00 2001 +From: Martin Peres <martin.peres@linux.intel.com> +Date: Fri, 17 Jul 2015 17:21:26 +0300 +Subject: [PATCH] os: make sure the clientsWritable fd_set is initialized + before use + +In WaitForSomething(), the fd_set clientsWritable may be used unitialized when +the boolean AnyClientsWriteBlocked is set in the WakeupHandler(). This leads to +a crash in FlushAllOutput() after x11proto's commit +2c94cdb453bc641246cc8b9a876da9799bee1ce7. + +The problem did not manifest before because both the XFD_SIZE and the maximum +number of clients were set to 256. As the connectionTranslation table was +initalized for the 256 clients to 0, the test on the index not being 0 was +aborting before dereferencing the client #0. + +As of commit 2c94cdb453bc641246cc8b9a876da9799bee1ce7 in x11proto, the XFD_SIZE +got bumped to 512. This lead the OutputPending fd_set to have any fd above 256 +to be uninitialized which in turns lead to reading an index after the end of +the ConnectionTranslation table. This index would then be used to find the +client corresponding to the fd marked as pending writes and would also result +to an out-of-bound access which would usually be the fatal one. + +Fix this by zeroing the clientsWritable fd_set at the beginning of +WaitForSomething(). In this case, the bottom part of the loop, which would +indirectly call FlushAllOutput, will not do any work but the next call to +select will result in the execution of the right codepath. This is exactly what +we want because we need to know the writable clients before handling them. In +the end, it also makes sure that the fds above MaxClient are initialized, +preventing the crash in FlushAllOutput(). + +Thanks to everyone involved in tracking this one down! + +Reported-by: Karol Herbst <freedesktop@karolherbst.de> +Reported-by: Tobias Klausmann <tobias.klausmann@mni.thm.de> +Signed-off-by: Martin Peres <martin.peres@linux.intel.com> +Tested-by: Martin Peres <martin.peres@linux.intel.com> +Bugzilla: https://bugs.freedesktop.org/show_bug.cgi?id=91316 +Cc: Ilia Mirkin <imirkin@alum.mit.edu> +Cc: Martin Peres <martin.peres@linux.intel.com> +Cc: Olivier Fourdan <ofourdan@redhat.com +Cc: Adam Jackson <ajax@redhat.com> +Cc: Alan Coopersmith <alan.coopersmith@oracle.com +Cc: Chris Wilson <chris@chris-wilson.co.uk> +--- + os/WaitFor.c | 1 + + 1 file changed, 1 insertion(+) + +diff --git a/os/WaitFor.c b/os/WaitFor.c +index 431f1a6..993c14e 100644 +--- a/os/WaitFor.c ++++ b/os/WaitFor.c +@@ -158,6 +158,7 @@ WaitForSomething(int *pClientsReady) + Bool someReady = FALSE; + + FD_ZERO(&clientsReadable); ++ FD_ZERO(&clientsWritable); + + if (nready) + SmartScheduleStopTimer(); +-- +2.4.5 + diff --git a/x11-base/xorg-server/files/xorg-server-1.18-support-multiple-Files-sections.patch b/x11-base/xorg-server/files/xorg-server-1.18-support-multiple-Files-sections.patch new file mode 100644 index 0000000..0a61145 --- /dev/null +++ b/x11-base/xorg-server/files/xorg-server-1.18-support-multiple-Files-sections.patch @@ -0,0 +1,53 @@ +See http://lists.x.org/archives/xorg-devel/2015-February/045755.html + +diff --git a/hw/xfree86/parser/Files.c b/hw/xfree86/parser/Files.c +index 849bf92..5cc3ec7 100644 +--- a/hw/xfree86/parser/Files.c ++++ b/hw/xfree86/parser/Files.c +@@ -76,14 +76,18 @@ static xf86ConfigSymTabRec FilesTab[] = { + #define CLEANUP xf86freeFiles + + XF86ConfFilesPtr +-xf86parseFilesSection(void) ++xf86parseFilesSection(XF86ConfFilesPtr ptr) + { + int i, j; + int k, l; + char *str; + int token; + +- parsePrologue(XF86ConfFilesPtr, XF86ConfFilesRec) ++ if (!ptr) { ++ if( (ptr=calloc(1,sizeof(XF86ConfFilesRec))) == NULL ) { ++ return NULL; ++ } ++ } + + while ((token = xf86getToken(FilesTab)) != ENDSECTION) { + switch (token) { +diff --git a/hw/xfree86/parser/configProcs.h b/hw/xfree86/parser/configProcs.h +index 171f8e8..e8199fe 100644 +--- a/hw/xfree86/parser/configProcs.h ++++ b/hw/xfree86/parser/configProcs.h +@@ -36,7 +36,7 @@ void xf86freeDeviceList(XF86ConfDevicePtr ptr); + int xf86validateDevice(XF86ConfigPtr p); + + /* Files.c */ +-XF86ConfFilesPtr xf86parseFilesSection(void); ++XF86ConfFilesPtr xf86parseFilesSection(XF86ConfFilesPtr ptr); + void xf86printFileSection(FILE * cf, XF86ConfFilesPtr ptr); + void xf86freeFiles(XF86ConfFilesPtr p); + +diff --git a/hw/xfree86/parser/read.c b/hw/xfree86/parser/read.c +index 327c02a..e0d6139 100644 +--- a/hw/xfree86/parser/read.c ++++ b/hw/xfree86/parser/read.c +@@ -110,7 +110,7 @@ xf86readConfigFile(void) + if (xf86nameCompare(xf86_lex_val.str, "files") == 0) { + free(xf86_lex_val.str); + xf86_lex_val.str = NULL; +- HANDLE_RETURN(conf_files, xf86parseFilesSection()); ++ HANDLE_RETURN(conf_files, xf86parseFilesSection(ptr->conf_files)); + } + else if (xf86nameCompare(xf86_lex_val.str, "serverflags") == 0) { + free(xf86_lex_val.str); diff --git a/x11-base/xorg-server/files/xorg-server-disable-acpi.patch b/x11-base/xorg-server/files/xorg-server-disable-acpi.patch new file mode 100644 index 0000000..cc80e6c --- /dev/null +++ b/x11-base/xorg-server/files/xorg-server-disable-acpi.patch @@ -0,0 +1,31 @@ +From a8079882f1884edc62a9de28af915bd8b65dfbbe Mon Sep 17 00:00:00 2001 +From: Adam Jackson <ajax@redhat.com> +Date: Wed, 11 Mar 2009 14:02:11 -0400 +Subject: [PATCH] Don't build the ACPI code. + +No good can come of this. +--- + configure.ac | 2 -- + 1 files changed, 0 insertions(+), 2 deletions(-) + +diff --git a/configure.ac b/configure.ac +index 72ae67e..04716f8 100644 +--- a/configure.ac ++++ b/configure.ac +@@ -1269,13 +1269,11 @@ if test "x$XORG" = xyes; then + case $host_cpu in + ia64*) + linux_ia64=yes +- linux_acpi="yes" + ;; + alpha*) + linux_alpha=yes + ;; + i*86|amd64*|x86_64*) +- linux_acpi="yes" + ;; + *) + ;; +-- +1.6.1.3 + diff --git a/x11-base/xorg-server/files/xorg-sets.conf b/x11-base/xorg-server/files/xorg-sets.conf new file mode 100644 index 0000000..5cd8112 --- /dev/null +++ b/x11-base/xorg-server/files/xorg-sets.conf @@ -0,0 +1,6 @@ +# Rebuild all X11 modules (mostly useful after xorg-server ABI change). +[x11-module-rebuild] +class = portage.sets.dbapi.VariableSet +world-candidate = false +variable = CATEGORY +includes = x11-drivers diff --git a/x11-base/xorg-server/xorg-server-9999.ebuild b/x11-base/xorg-server/xorg-server-9999.ebuild new file mode 100644 index 0000000..446117c --- /dev/null +++ b/x11-base/xorg-server/xorg-server-9999.ebuild @@ -0,0 +1,242 @@ +# Copyright 1999-2016 Gentoo Foundation +# Distributed under the terms of the GNU General Public License v2 +# $Id$ + +EAPI=5 + +XORG_DOC=doc +inherit xorg-2 multilib versionator flag-o-matic +EGIT_REPO_URI="git://anongit.freedesktop.org/xorg/xserver" + +DESCRIPTION="X.Org X servers" +SLOT="0/${PV}" +KEYWORDS="alpha amd64 ~arm ~arm64 hppa ~ia64 ~mips ~ppc ~ppc64 ~s390 ~sh ~sparc x86 ~amd64-fbsd ~x86-fbsd ~amd64-linux ~arm-linux ~x86-linux" + +IUSE_SERVERS="dmx kdrive xephyr xnest xorg xvfb" +IUSE="${IUSE_SERVERS} glamor ipv6 libressl minimal selinux +suid systemd tslib +udev unwind wayland" + +CDEPEND=">=app-eselect/eselect-opengl-1.3.0 + !libressl? ( dev-libs/openssl:0= ) + libressl? ( dev-libs/libressl ) + media-libs/freetype + >=x11-apps/iceauth-1.0.2 + >=x11-apps/rgb-1.0.3 + >=x11-apps/xauth-1.0.3 + x11-apps/xkbcomp + >=x11-libs/libdrm-2.4.46 + >=x11-libs/libpciaccess-0.12.901 + >=x11-libs/libXau-1.0.4 + >=x11-libs/libXdmcp-1.0.2 + >=x11-libs/libXfont-1.4.2 + >=x11-libs/libxkbfile-1.0.4 + >=x11-libs/libxshmfence-1.1 + >=x11-libs/pixman-0.27.2 + >=x11-libs/xtrans-1.3.5 + >=x11-misc/xbitmaps-1.0.1 + >=x11-misc/xkeyboard-config-2.4.1-r3 + dmx? ( + x11-libs/libXt + >=x11-libs/libdmx-1.0.99.1 + >=x11-libs/libX11-1.1.5 + >=x11-libs/libXaw-1.0.4 + >=x11-libs/libXext-1.0.99.4 + >=x11-libs/libXfixes-5.0 + >=x11-libs/libXi-1.2.99.1 + >=x11-libs/libXmu-1.0.3 + x11-libs/libXrender + >=x11-libs/libXres-1.0.3 + >=x11-libs/libXtst-1.0.99.2 + ) + glamor? ( + media-libs/libepoxy + >=media-libs/mesa-10.3.4-r1[egl,gbm] + !x11-libs/glamor + ) + kdrive? ( + >=x11-libs/libXext-1.0.5 + x11-libs/libXv + ) + xephyr? ( + x11-libs/libxcb + x11-libs/xcb-util + x11-libs/xcb-util-image + x11-libs/xcb-util-keysyms + x11-libs/xcb-util-renderutil + x11-libs/xcb-util-wm + ) + !minimal? ( + >=x11-libs/libX11-1.1.5 + >=x11-libs/libXext-1.0.5 + >=media-libs/mesa-10.3.4-r1 + ) + tslib? ( >=x11-libs/tslib-1.0 ) + udev? ( >=virtual/udev-150 ) + unwind? ( sys-libs/libunwind ) + wayland? ( + >=dev-libs/wayland-1.3.0 + media-libs/libepoxy + ) + >=x11-apps/xinit-1.3.3-r1 + systemd? ( + sys-apps/dbus + sys-apps/systemd + )" + +DEPEND="${CDEPEND} + sys-devel/flex + >=x11-proto/bigreqsproto-1.1.0 + >=x11-proto/compositeproto-0.4 + >=x11-proto/damageproto-1.1 + >=x11-proto/fixesproto-5.0 + >=x11-proto/fontsproto-2.1.3 + >=x11-proto/glproto-1.4.17-r1 + >=x11-proto/inputproto-2.3 + >=x11-proto/kbproto-1.0.3 + >=x11-proto/randrproto-1.5.0 + >=x11-proto/recordproto-1.13.99.1 + >=x11-proto/renderproto-0.11 + >=x11-proto/resourceproto-1.2.0 + >=x11-proto/scrnsaverproto-1.1 + >=x11-proto/trapproto-3.4.3 + >=x11-proto/videoproto-2.2.2 + >=x11-proto/xcmiscproto-1.2.0 + >=x11-proto/xextproto-7.2.99.901 + >=x11-proto/xf86dgaproto-2.0.99.1 + >=x11-proto/xf86rushproto-1.1.2 + >=x11-proto/xf86vidmodeproto-2.2.99.1 + >=x11-proto/xineramaproto-1.1.3 + >=x11-proto/xproto-7.0.28 + >=x11-proto/presentproto-1.0 + >=x11-proto/dri3proto-1.0 + dmx? ( + >=x11-proto/dmxproto-2.2.99.1 + doc? ( + || ( + www-client/links + www-client/lynx + www-client/w3m + ) + ) + ) + !minimal? ( + >=x11-proto/xf86driproto-2.1.0 + >=x11-proto/dri2proto-2.8 + )" + +RDEPEND="${CDEPEND} + selinux? ( sec-policy/selinux-xserver ) + !x11-drivers/xf86-video-modesetting +" + +PDEPEND=" + xorg? ( >=x11-base/xorg-drivers-$(get_version_component_range 1-2) )" + +REQUIRED_USE="!minimal? ( + || ( ${IUSE_SERVERS} ) + ) + xephyr? ( kdrive )" + +#UPSTREAMED_PATCHES=( +# "${WORKDIR}/patches/" +#) + +PATCHES=( + "${UPSTREAMED_PATCHES[@]}" + "${FILESDIR}"/${PN}-1.12-unloadsubmodule.patch + # needed for new eselect-opengl, bug #541232 + "${FILESDIR}"/${PN}-1.18-support-multiple-Files-sections.patch +) + +pkg_pretend() { + # older gcc is not supported + [[ "${MERGE_TYPE}" != "binary" && $(gcc-major-version) -lt 4 ]] && \ + die "Sorry, but gcc earlier than 4.0 will not work for xorg-server." +} + +src_configure() { + # localstatedir is used for the log location; we need to override the default + # from ebuild.sh + # sysconfdir is used for the xorg.conf location; same applies + # NOTE: fop is used for doc generating; and I have no idea if Gentoo + # package it somewhere + XORG_CONFIGURE_OPTIONS=( + $(use_enable ipv6) + $(use_enable dmx) + $(use_enable glamor) + $(use_enable kdrive) + $(use_enable kdrive kdrive-kbd) + $(use_enable kdrive kdrive-mouse) + $(use_enable kdrive kdrive-evdev) + $(use_enable suid install-setuid) + $(use_enable tslib) + $(use_enable unwind libunwind) + $(use_enable wayland xwayland) + $(use_enable !minimal record) + $(use_enable !minimal xfree86-utils) + $(use_enable !minimal dri) + $(use_enable !minimal dri2) + $(use_enable !minimal glx) + $(use_enable xephyr) + $(use_enable xnest) + $(use_enable xorg) + $(use_enable xvfb) + $(use_enable udev config-udev) + $(use_with doc doxygen) + $(use_with doc xmlto) + $(use_with systemd systemd-daemon) + $(use_enable systemd systemd-logind) + --enable-libdrm + --sysconfdir="${EPREFIX}"/etc/X11 + --localstatedir="${EPREFIX}"/var + --with-fontrootdir="${EPREFIX}"/usr/share/fonts + --with-xkb-output="${EPREFIX}"/var/lib/xkb + --disable-config-hal + --disable-linux-acpi + --without-dtrace + --without-fop + --with-os-vendor=Gentoo + --with-sha1=libcrypto + ) + + xorg-2_src_configure +} + +src_install() { + xorg-2_src_install + + server_based_install + + if ! use minimal && use xorg; then + # Install xorg.conf.example into docs + dodoc "${AUTOTOOLS_BUILD_DIR}"/hw/xfree86/xorg.conf.example + fi + + newinitd "${FILESDIR}"/xdm-setup.initd-1 xdm-setup + newinitd "${FILESDIR}"/xdm.initd-11 xdm + newconfd "${FILESDIR}"/xdm.confd-4 xdm + + # install the @x11-module-rebuild set for Portage + insinto /usr/share/portage/config/sets + newins "${FILESDIR}"/xorg-sets.conf xorg.conf +} + +pkg_postinst() { + # sets up libGL and DRI2 symlinks if needed (ie, on a fresh install) + eselect opengl set xorg-x11 --use-old +} + +pkg_postrm() { + # Get rid of module dir to ensure opengl-update works properly + if [[ -z ${REPLACED_BY_VERSION} && -e ${EROOT}/usr/$(get_libdir)/xorg/modules ]]; then + rm -rf "${EROOT}"/usr/$(get_libdir)/xorg/modules + fi +} + +server_based_install() { + if ! use xorg; then + rm "${ED}"/usr/share/man/man1/Xserver.1x \ + "${ED}"/usr/$(get_libdir)/xserver/SecurityPolicy \ + "${ED}"/usr/$(get_libdir)/pkgconfig/xorg-server.pc \ + "${ED}"/usr/share/man/man1/Xserver.1x + fi +} |