Commit Graph

65 Commits

Author SHA1 Message Date
Vijay Anusuri
fb0a4eb7a8 xserver-xorg: Fix CVE-2026-34003
Pick patch according to [1]

[1] https://lists.x.org/archives/xorg-announce/2026-April/003677.html
[2] https://security-tracker.debian.org/tracker/CVE-2026-34003

(From OE-Core rev: 5faf37e3de47291cffed048ae20d91033d94d686)

Signed-off-by: Vijay Anusuri <vanusuri@mvista.com>
Signed-off-by: Yoann Congal <yoann.congal@smile.fr>
Signed-off-by: Paul Barker <paul@pbarker.dev>
2026-06-19 12:49:08 +01:00
Vijay Anusuri
122701d321 xserver-xorg: Fix CVE-2026-34002
Pick patch according to [1]

[1] https://lists.x.org/archives/xorg-announce/2026-April/003677.html
[2] https://security-tracker.debian.org/tracker/CVE-2026-34002

(From OE-Core rev: 5c30b1e0dd0e1cb65091787c9c931d3d16c0f93c)

Signed-off-by: Vijay Anusuri <vanusuri@mvista.com>
Signed-off-by: Yoann Congal <yoann.congal@smile.fr>
Signed-off-by: Paul Barker <paul@pbarker.dev>
2026-06-19 12:49:08 +01:00
Vijay Anusuri
f58a56f697 xserver-xorg: Fix CVE-2026-34001
Pick patch according to [1]

[1] https://lists.x.org/archives/xorg-announce/2026-April/003677.html
[2] https://security-tracker.debian.org/tracker/CVE-2026-34001

(From OE-Core rev: b85d3abfc5a1fd05c3a82f1f03579df493094719)

Signed-off-by: Vijay Anusuri <vanusuri@mvista.com>
Signed-off-by: Yoann Congal <yoann.congal@smile.fr>
Signed-off-by: Paul Barker <paul@pbarker.dev>
2026-06-19 12:49:08 +01:00
Vijay Anusuri
eefcaaa556 xserver-xorg: Fix CVE-2026-34000
Pick patch according to [1]

[1] https://lists.x.org/archives/xorg-announce/2026-April/003677.html
[2] https://security-tracker.debian.org/tracker/CVE-2026-34000

(From OE-Core rev: 3611b45c3c0144172c032964bf0d601dba649b49)

Signed-off-by: Vijay Anusuri <vanusuri@mvista.com>
Signed-off-by: Yoann Congal <yoann.congal@smile.fr>
Signed-off-by: Paul Barker <paul@pbarker.dev>
2026-06-19 12:49:08 +01:00
Vijay Anusuri
a939424099 xserver-xorg: Fix CVE-2026-33999
Pick patch according to [1]

[1] https://lists.x.org/archives/xorg-announce/2026-April/003677.html
[2] https://security-tracker.debian.org/tracker/CVE-2026-33999

(From OE-Core rev: b66a3f975666d9074f0e377ccece1aad2c347da8)

Signed-off-by: Vijay Anusuri <vanusuri@mvista.com>
Signed-off-by: Yoann Congal <yoann.congal@smile.fr>
Signed-off-by: Paul Barker <paul@pbarker.dev>
2026-06-19 12:49:08 +01:00
Ross Burton
db7f586822 xserver-xorg: fix CVE-2025-62229 CVE-2025-62230 CVE-2025-62231
>From https://lists.x.org/archives/xorg-announce/2025-October/003635.html:

1) CVE-2025-62229: Use-after-free in XPresentNotify structures creation

    Using the X11 Present extension, when processing and adding the
    notifications after presenting a pixmap, if an error occurs, a dangling
    pointer may be left in the error code path of the function causing a
    use-after-free when eventually destroying the notification structures
    later.

    Introduced in: Xorg 1.15
    Fixed in: xorg-server-21.1.19 and xwayland-24.1.9
    Fix: https://gitlab.freedesktop.org/xorg/xserver/-/commit/5a4286b1
    Found by: Jan-Niklas Sohn working with Trend Micro Zero Day Initiative.

2) CVE-2025-62230: Use-after-free in Xkb client resource removal

    When removing the Xkb resources for a client, the function
    XkbRemoveResourceClient() will free the XkbInterest data associated
    with the device, but not the resource associated with it.

    As a result, when the client terminates, the resource delete function
    triggers a use-after-free.

    Introduced in: X11R6
    Fixed in: xorg-server-21.1.19 and xwayland-24.1.9
    Fix: https://gitlab.freedesktop.org/xorg/xserver/-/commit/99790a2c
         https://gitlab.freedesktop.org/xorg/xserver/-/commit/10c94238
    Found by: Jan-Niklas Sohn working with Trend Micro Zero Day Initiative.

3) CVE-2025-62231: Value overflow in Xkb extension XkbSetCompatMap()

    The XkbCompatMap structure stores some of its values using an unsigned
    short, but fails to check whether the sum of the input data might
    overflow the maximum unsigned short value.

    Introduced in: X11R6
    Fixed in: xorg-server-21.1.19 and xwayland-24.1.9
    Fix: https://gitlab.freedesktop.org/xorg/xserver/-/commit/475d9f49
    Found by: Jan-Niklas Sohn working with Trend Micro Zero Day Initiative.

(From OE-Core rev: 50b9c34ba932761fab9035a54e58466d72b097bf)

(From OE-Core rev: f5a10c4950ccb5570c72eb0a09618b7b3523bc39)

Signed-off-by: Ross Burton <ross.burton@arm.com>
Signed-off-by: Mathieu Dubois-Briand <mathieu.dubois-briand@bootlin.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
Signed-off-by: Yogita Urade <yogita.urade@windriver.com>
Signed-off-by: Steve Sakoman <steve@sakoman.com>
2025-11-26 07:50:35 -08:00
Ross Burton
a78985ed94 xserver-xorg: remove redundant patch
The underlying issue with -fno-common was resolved upstream in xserver
21.1.0 onwards[1].

[1] xserver 0148a15da ("compiler.h: don't define inb/outb and friends on mips")

(From OE-Core rev: 74b77ee90efd50a703af76769fac66a0f7c394ca)

(From OE-Core rev: f1b064e684cebc3e0c6ca36eb585e26b8da5583b)

Signed-off-by: Ross Burton <ross.burton@arm.com>
Signed-off-by: Mathieu Dubois-Briand <mathieu.dubois-briand@bootlin.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
Signed-off-by: Yogita Urade <yogita.urade@windriver.com>
Signed-off-by: Steve Sakoman <steve@sakoman.com>
2025-11-26 07:50:35 -08:00
Alexander Kanavin
331f68a585 xserver-xorg: upgrade 21.1.12 -> 21.1.13
Changes:

render: Avoid possible double-free in ProcRenderAddGlyphs()
mi: fix rounding issues around zero in miPointerSetPosition

(From OE-Core rev: 9c00034001c27a17658ae8ae6a75d0c115a1a16b)

Signed-off-by: Alexander Kanavin <alex@linutronix.de>
Signed-off-by: Alexandre Belloni <alexandre.belloni@bootlin.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
(cherry picked from commit 78dc14599a65075a40c26df4bf9d2bb33a237ca9)
Signed-off-by: Steve Sakoman <steve@sakoman.com>
2024-07-26 07:43:46 -07:00
Ross Burton
3d2d75119c Revert "xserver-xorg: Fix for CVE-2023-5574"
These patches are not yet merged (so they're not backports) because they
have outstanding (undescribed) issues[1]. As this issue only affects
Xvfb and is a use-after-free with only a hypothetical attack, revert the
patches until the compromise is understood.

This reverts commit a193c0224a.

[1] https://lists.x.org/archives/xorg-announce/2023-October/003430.html

(From OE-Core rev: 1ed1c4f48203a8366519b40a094c7d9719c3ae32)

Signed-off-by: Ross Burton <ross.burton@arm.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
2023-11-08 16:42:49 +00:00
Vijay Anusuri
a193c0224a xserver-xorg: Fix for CVE-2023-5574
Upstream-Status: Backport
[1953f460b9
&
b6fe3f924a
&
ab2c58ba47]

(From OE-Core rev: 9291d7e7aca8ff93d036770e4fb42901c3ea1d60)

Signed-off-by: Vijay Anusuri <vanusuri@mvista.com>
Signed-off-by: Alexandre Belloni <alexandre.belloni@bootlin.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
2023-11-08 11:00:09 +00:00
Alexander Kanavin
fc21330699 xserver-xorg: upgrade 21.1.4 -> 21.1.6
(From OE-Core rev: 009e8d6a292690a0c355d12be2368a9677c701f5)

Signed-off-by: Alexander Kanavin <alex@linutronix.de>
Signed-off-by: Alexandre Belloni <alexandre.belloni@bootlin.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
2023-01-06 12:03:47 +00:00
Ross Burton
262f44fd28 xserver-xorg: backport fixes for CVE-2022-3550 and CVE-2022-3551
(From OE-Core rev: e32401d8bf44afcca88af7e4c5948d2c28e1813f)

Signed-off-by: Ross Burton <ross.burton@arm.com>
Signed-off-by: Alexandre Belloni <alexandre.belloni@bootlin.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
2022-10-26 12:28:40 +01:00
Alexander Kanavin
9b68b63b6c xserver-xorg: update 21.1.3 -> 21.1.4
(From OE-Core rev: d683f2a1fbe65b52d82f55a2e38aa75fc105a338)

Signed-off-by: Alexander Kanavin <alex@linutronix.de>
Signed-off-by: Alexandre Belloni <alexandre.belloni@bootlin.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
2022-07-23 13:55:25 +01:00
Khem Raj
ac5477c482 xserver-xorg: Fix build with gcc12
backport patch to silence new array-bounds warnings

(From OE-Core rev: 54fa74e6e60472e10f1a11b3daa8ee9f00f0c9d5)

Signed-off-by: Khem Raj <raj.khem@gmail.com>
Signed-off-by: Alexandre Belloni <alexandre.belloni@bootlin.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
2022-04-19 14:14:11 +01:00
Alexander Kanavin
49e2197063 xserver-xorg: remove unneeded patch
(From OE-Core rev: a9c92a52155073e2db5f771efd36eedd5792273d)

Signed-off-by: Alexander Kanavin <alex@linutronix.de>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
2021-12-06 11:09:52 +00:00
Alexander Kanavin
6d7d97d787 xserver-xorg: update 1.20.13 -> 21.1.1
libxcvt is a new dependency (thanks Oleksandr!).

Include ${libdir}/xorg/modules/input/*.so into the main
package (if for someone separate packaging matters, please
investigate what they do).

Remove options no longer present upstream.

Remove patches available upstream; drop a chunk as well.

(From OE-Core rev: fe501ae1f6bea73882707c944c4fab5c5657a551)

Signed-off-by: Alexander Kanavin <alex@linutronix.de>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
2021-11-11 17:09:16 +00:00
Alexander Kanavin
c04b40a21e xserver-xorg: upgrade 1.20.10 -> 1.20.11
(From OE-Core rev: 0e9ff8859492403a88e61cfba5df2917d70d3584)

Signed-off-by: Alexander Kanavin <alex.kanavin@gmail.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
2021-05-09 23:30:14 +01:00
Stefan Ghinea
cd618cc017 xserver-xorg: fix CVE-2021-3472
Insufficient checks on the lengths of the XInput extension
ChangeFeedbackControl request can lead to out of bounds memory accesses
in the X server.

References:
https://nvd.nist.gov/vuln/detail/CVE-2021-3472

Upstream patches:
7aaf54a188

(From OE-Core rev: 6fec5fea942ce88e33e5cf4c2102d69ce25e7180)

Signed-off-by: Stefan Ghinea <stefan.ghinea@windriver.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
2021-05-02 23:21:42 +01:00
Ross Burton
bb759f56f6 meta: add/fix invalid Upstream-Status tags
(From OE-Core rev: 630ce8130598e2bca7231ac28a7cc18b5b942544)

Signed-off-by: Ross Burton <ross.burton@arm.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
2020-09-23 20:54:03 +01:00
Aníbal Limón
34eee398f9 recipes-graphics/xorg-xserver: Add patch to fix segfault when probe
Fix segfault on probing a non-PCI platform device on a system with PCI.

...
    at ../../xorg-server-1.20.9/os/log.c:1017
    at ../../xorg-server-1.20.9/os/osinit.c:156
    at ../../xorg-server-1.20.9/os/osinit.c:110
    at ../../../../xorg-server-1.20.9/hw/xfree86/common/xf86platformBus.c:292
    argv=argv@entry=0xffffca43c7c8) at ../../../../xorg-server-1.20.9/hw/xfree86/common/xf86Init.c:388
    at ../../xorg-server-1.20.9/dix/main.c:193
    init=<optimized out>, fini=<optimized out>, rtld_fini=<optimized out>, stack_end=<optimized out>)
    at ../csu/libc-start.c:314
...

Backported from upstream rev e50c85f4e.

(From OE-Core rev: 3b37cbd53219d9c10640b462aa91991d8cbc2a23)

Signed-off-by: Aníbal Limón <anibal.limon@linaro.org>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
2020-09-09 10:11:57 +01:00
Khem Raj
9e82d25fd3 xserver-xorg: Fix build with -fno-common/mips
Build fails on architectures which use IOPortBase

(From OE-Core rev: 36dc499eea1d0e5c342b94ce30b56ba8bbf04922)

Signed-off-by: Khem Raj <raj.khem@gmail.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
2020-08-19 10:57:44 +01:00
Alexander Kanavin
06fc241518 xserver-xorg: upgrade 1.20.6 -> 1.20.7
(From OE-Core rev: cad375e113b52069eaa24d7b07a97cc63ae9da46)

Signed-off-by: Alexander Kanavin <alex.kanavin@gmail.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
2020-02-08 13:20:02 +00:00
Wang Mingyu
888fbea05e xserver-xorg: 1.20.5 -> 1.20.6
(From OE-Core rev: da8533fcbb3595b14a24f14d6ee7bb7e4665143d)

Signed-off-by: Wang Mingyu <wangmy@cn.fujitsu.com>
Signed-off-by: Ross Burton <ross.burton@intel.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
2019-12-04 12:30:58 +00:00
Ross Burton
83201d04f1 xserver-xorg: refresh build path removal patch
The patch has iterated, so update to the latest revision.

(From OE-Core rev: 042e8e8a7181bb3ca830185c38f9287f62c68fe6)

Signed-off-by: Ross Burton <ross.burton@intel.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
2019-08-07 16:08:15 +01:00
Ross Burton
6fc65530fb xserver-xorg: remove embedded build path in the source
The generated source file sdksyms.c has a comment with the absolute build path,
which means xserver-xorg-src contains this build path.  This is both potential
build information leakage and a source of unreproducibility, so remove the
comment.

(From OE-Core rev: 2086e0f08d920de15ab4065fb43c2281b1dcc57a)

Signed-off-by: Ross Burton <ross.burton@intel.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
2019-08-03 23:56:01 +01:00
Khem Raj
2e2ee89c74 xserver-xorg: Backport patch to remove using sys/io.h
latest glibc dropped support for sys/io.h on arm, which is fixed in
upstream xserver, as a bonus we can drop musl specific patch which was
doing something similar up until now.

Fixes
|In file included from ../../../../xorg-server-1.20.4/hw/xfree86/int10/generic.c:15:
| ../../../../xorg-server-1.20.4/hw/xfree86/common/compiler.h:767:10: fatal error: 'sys/io.h' file not found
| #include <sys/io.h>
|          ^~~~~~~~~~
| 1 error generated.

(From OE-Core rev: 1c72953b6c890b8411fec997b5c28a17eed82897)

Signed-off-by: Khem Raj <raj.khem@gmail.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
2019-07-31 23:03:01 +01:00
Khem Raj
74a8b244de xserver-xorg: Fix build errors with clang
(From OE-Core rev: b11725db2d5549dc45d8ae36fbf94a5c8e342d69)

Signed-off-by: Khem Raj <raj.khem@gmail.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
2019-03-04 14:27:06 +00:00
Armin Kuster
0cbda4a42e xserver-xorg: update to 1.20.3
1.20.3 fixes arm booting in testimage

(From OE-Core rev: 7d96e1659b1616f287805abb42f512fa17c0c493)

Signed-off-by: Armin Kuster <akuster808@gmail.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
2018-11-14 11:14:38 +00:00
Ross Burton
411184bfaa xserver-xorg: fix CVE-2018-14665
Incorrect command-line parameter validation in the Xorg X server can lead to
privilege elevation and/or arbitrary files overwrite, when the X server is
running with elevated privileges (ie when Xorg is installed with the setuid bit
set and started by a non-root user). The -modulepath argument can be used to
specify an insecure path to modules that are going to be loaded in the X server,
allowing to execute unprivileged code in the privileged process. The -logfile
argument can be used to overwrite arbitrary files in the file system, due to
incorrect checks in the parsing of the option.

(From OE-Core rev: 14b5854d50c38e94fc0d1ce6af36698fc69f52b4)

Signed-off-by: Ross Burton <ross.burton@intel.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
2018-11-01 13:27:26 +00:00
Ross Burton
4cd0d52e5f xserver-xorg: rewrite xorg-server.m4 patch
Instead of having a patch that upstream won't accept, rewrite it in a
upstreamable way and <gasp> submit it upstream.

The fundamental problem is that pkg-config --variable=sdkdir will return the
value of sdkdir literally, whereas --cflags will return -I${sdkdir} *but* will
do sysroot relocation magic on the path so it is usable.

(From OE-Core rev: 4af34cb1193fe86b862566becfb560b3d19155f4)

Signed-off-by: Ross Burton <ross.burton@intel.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
2018-09-21 18:45:47 -07:00
Ross Burton
9d2cbf0414 xserver-xorg: remove obsolete patch
This patch is forcing input to use SIGIO, despite the fact that since 2015
xserver has used an input thread.

(From OE-Core rev: cde11398e6d74ad8f27334199b4bd99cdf1f0ff7)

Signed-off-by: Ross Burton <ross.burton@intel.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
2018-09-21 18:45:47 -07:00
Ross Burton
d02939de27 xserver-xorg: remove redundant patch
Upstream doesn't assume a monotonic clock isn't available anymore, so we can
remove this patch.

(From OE-Core rev: 25e034b4c3854a7a9190c4deee7fbca6ba4a8c47)

Signed-off-by: Ross Burton <ross.burton@intel.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
2018-09-21 18:45:46 -07:00
Armin Kuster
de614a5b22 xserver-xorg: upgrade 1.19.6 -> 1.20.1
removed included patch

Refresh 0001-configure.ac-Fix-check-for-CLOCK_MONOTONIC
Remove 0001-config-fix-NULL-value-detection-for-ID_INPUT-being-u.patch

(From OE-Core rev: 2aef37314d90ba5144b8f8c5d26190b687ddbbb3)

Signed-off-by: Armin Kuster <akuster808@gmail.com>
Signed-off-by: Ross Burton <ross.burton@intel.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
2018-09-17 08:41:44 +01:00
Armin Kuster
b141ea4bd8 xserver-xorg: config: fix NULL value detection for ID_INPUT being unset
Fixes Yocto # 12899

Xorg.log message:

(II) config/udev: Adding input device (unnamed) (/dev/tty59)

and cause system freezes.

(From OE-Core rev: e29a330e04baf0881805e4a36d28bafad7fcd318)

Signed-off-by: Armin Kuster <akuster808@gmail.com>
Signed-off-by: Ross Burton <ross.burton@intel.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
2018-09-11 09:05:35 +01:00
California Sullivan
be7511a33d xserver-xorg: import distro patch to use modesetting driver on newer hardware
Debian and Fedora both carry this patch, and the xf86-video-modesetting
driver seems better on recent hardware.

As an example, on a NUC6CAYS, the x11perf -aa10text and -rgb10text tests
see around a 20x increase.

[YOCTO #12019]
[YOCTO #12390]

(From OE-Core rev: 2e4934d5d4b2745ffcd76020b307b9021f8d8853)

Signed-off-by: California Sullivan <california.l.sullivan@intel.com>
Signed-off-by: Ross Burton <ross.burton@intel.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
2018-03-25 09:40:41 +01:00
Ross Burton
631e06643b xorg-xserver: refresh patches
The patch tool will apply patches by default with "fuzz", which is where if the
hunk context isn't present but what is there is close enough, it will force the
patch in.

Whilst this is useful when there's just whitespace changes, when applied to
source it is possible for a patch applied with fuzz to produce broken code which
still compiles (see #10450).  This is obviously bad.

We'd like to eventually have do_patch() rejecting any fuzz on these grounds. For
that to be realistic the existing patches with fuzz need to be rebased and
reviewed.

(From OE-Core rev: 77fb72c76c8a5b2229a32f36a913a3293e9d2b56)

Signed-off-by: Ross Burton <ross.burton@intel.com>
Signed-off-by: Alexander Kanavin <alexander.kanavin@linux.intel.com>
Signed-off-by: Ross Burton <ross.burton@intel.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
2018-03-11 06:27:01 -07:00
Ross Burton
77b66630fa xserver-xorg: remove redundant Wayland patch
The installation path and wayland-scanner location problems in Wayland were
resolved in "wayland: Fix installation patch issue" (oe-core 14c0d99) which made
the WAYLAND_PROTOCOLS_SYSROOT_DIR workaround redundant.

(From OE-Core rev: 2dffd043c7f9bb71356a0d0b86b5b0a19fdf7343)

Signed-off-by: Ross Burton <ross.burton@intel.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
2017-12-18 18:03:56 +00:00
Armin Kuster
ee8769ec16 xorg-xserver: update to 1.19.5
Remove patches that are included in 1.19.4

[ANNOUNCE] xorg-server 1.19.4
https://lists.x.org/archives/xorg-devel/2017-October/054839.html

xkb: Handle xkb formated string output safely (CVE-2017-13723)
Xext/shm: Validate shmseg resource id (CVE-2017-13721)

[ANNOUNCE] xorg-server 1.19.5
https://lists.x.org/archives/xorg-announce/2017-October/002814.html
One regression fix since 1.19.4 (mea culpa), and fixes for CVEs 2017-
12176 through 2017-12187. C is a terrible language, please stop writing
code in it.

(From OE-Core rev: 608df0ac0101fe0a7c3a779ed52118b0ab4381c3)

Signed-off-by: Armin Kuster <akuster@mvista.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
2017-11-07 13:25:31 +00:00
Jackie Huang
583225d94a xserver-xorg: Fix CVE-2017-10971
Backport 3 patches to fix CVE-2017-10971:

In the X.Org X server before 2017-06-19, a user authenticated to an X
Session could crash or execute code in the context of the X Server by
exploiting a stack overflow in the endianness conversion of X Events.

Reference:
https://nvd.nist.gov/vuln/detail/CVE-2017-10971

(From OE-Core rev: 20428f660f2c046c63bbf63c4e4af95dac9f2b3d)

Signed-off-by: Jackie Huang <jackie.huang@windriver.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
2017-08-18 23:46:37 +01:00
Tom Hochstein
82548f8e9c xserver-xorg: Fix X server 1.19 crash
Commit 6a5a4e60373c1386b311b2a8bb666c32d68a9d99 removes the configure of
useSIGIO option:

xfree86 SIGIO support is reworked to use internal versions of
OsBlockSIGIO and OsReleaseSIGIO

The check for useSIGIO is no longer needed.

(From OE-Core rev: 5ed1bc5b4dadc74f1db52179238fbbd145a59043)

Signed-off-by: Tom Hochstein <tom.hochstein@nxp.com>
Signed-off-by: Ross Burton <ross.burton@intel.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
2017-02-05 09:22:17 +00:00
Andreas Müller
6254e28b31 xserver-xorg: fix 16bit modes
Discovered on beaglebone black

(From OE-Core rev: 21fcb42d97e90eb76283b69ab876729f4cee7ad7)

Signed-off-by: Andreas Müller <schnitzeltony@googlemail.com>
Signed-off-by: Ross Burton <ross.burton@intel.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
2017-02-05 09:22:16 +00:00
Jussi Kukkonen
1207d6d32e xserver-xorg: Upgrade 1.18.4 -> 1.19.0
* xserver depends on xfont2 now.
* xwayland support requires wayland-scanner: Add patch to find
  wayland-scanner and protocol files while cross-compiling.
* patch MONOTONIC_CLOCK check so it works when cross-compiling
  (otherwise we always end with no monotonic clock and xwayland
  compile fails)
* Add vardepsexclude for MACHINE to ensure consistent hashes (RB)

(From OE-Core rev: f9c2b4284fafaa8998bbd2a6f443b0b7b98dafaa)

Signed-off-by: Jussi Kukkonen <jussi.kukkonen@intel.com>
Signed-off-by: Ross Burton <ross.burton@intel.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
2016-12-13 22:55:21 +00:00
Andreas Müller
1e88c74650 xserver-xorg: update 1.18.3 and add PACKAGECONFIG for glamor
* drm-version patch was applied mainline
* libsystemd was solved similar to patch upstream
* glamor was enhanced twice by Eric Anholt and makes vc4 work on Raspberry Pi
* glamor does not link against libegl but won't work without libegl

(From OE-Core rev: 7fc6e5e816434fb6e35c137d5440b92a1cc4d9c2)

Signed-off-by: Andreas Müller <schnitzeltony@googlemail.com>
Signed-off-by: Ross Burton <ross.burton@intel.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
2016-05-11 10:33:41 +01:00
Johannes Pointner
1a35166107 xserver: require sufficiently new libdrm
This fixes the check of the libdrm version in the configure script.

(From OE-Core rev: 2312eb1b6da67c2c7e8c968db55d99472ac29b49)

Signed-off-by: Johannes Pointner <johannes.pointner@gmail.com>
Signed-off-by: Ross Burton <ross.burton@intel.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
2016-03-12 22:11:47 +00:00
Khem Raj
f2cf5d3398 xserver-xorg: Fix build with musl
inb/outb are implemented for ARM on glibc but not on linux in general
therefore the conditional has to reflect that

(From OE-Core rev: 8920e520b58118c72c68e739c780efd71c1650d3)

Signed-off-by: Khem Raj <raj.khem@gmail.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
2016-01-24 09:40:26 +00:00
Jussi Kukkonen
a1003f5004 xserver-xorg: Upgrade 1.17.2 -> 1.18.0
* Remove glibc-guard patch: xserver no longer uses termio.h on linux
  in any case.
* Remove "--enable-glx-tls": this hasn't done anything since glapi
  was separated from glx
* Note that xserver no longer installs evdev configuration
  (evdev and/or libinput should do it instead)
* Add patch to check for libsystemd correctly
* Add PACKAGECONFIG for libsystemd

(From OE-Core rev: 9057678e75ec09af081b27d5935907ec955c3664)

Signed-off-by: Jussi Kukkonen <jussi.kukkonen@intel.com>
Signed-off-by: Ross Burton <ross.burton@intel.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
2015-11-25 08:08:14 +00:00
Jussi Kukkonen
f8b25377a6 xorg-xserver: Upgrade 1.17.1 -> 1.17.2
Fixes CVE-2015-3164 in Xwayland.

Remove unnecessary patches:
 * fix_open_max_preprocessor_error.patch is no longer needed:
   OPEN_MAX is defined in every case now
 * xorg-CVE-2013-6424.patch was handled in pixman several releases ago
 * other removed patches are included in 1.17.2

(From OE-Core rev: 1d35231d666baee9ac4aaeb482371f3c71998c76)

Signed-off-by: Jussi Kukkonen <jussi.kukkonen@intel.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
2015-06-27 22:42:54 +01:00
Bruce Ashfield
62136c0e81 xorg: fix VESA int10 error
When falling back to the VESA server, X fails to start due to an error
reading the int10 vec.

We cherry-pick the following commit to fix the error:

   commit 0a78b599b34cc8b5fe6fe82f90e90234e8ab7a56
   Author: Jürg Billeter <j@bitron.ch>
   Date:   Sat Feb 7 18:13:21 2015 +0100

       int10: Fix error check for pci_device_map_legacy

       pci_device_map_legacy returns 0 on success.

       Signed-off-by: Jürg Billeter <j@bitron.ch>
       Reviewed-by: Adam Jackson <ajax@redhat.com>
       Signed-off-by: Peter Hutterer <peter.hutterer@who-t.net>

(From OE-Core rev: e1570e12f92bf359ef34d0e2998b09981bcece18)

Signed-off-by: Bruce Ashfield <bruce.ashfield@windriver.com>
Signed-off-by: Ross Burton <ross.burton@intel.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
2015-06-11 23:59:16 +01:00
Jussi Kukkonen
f63e9b30ea xserver-xorg: Upgrade 1.16.3 -> 1.17.1 (OELAYOUT_ABI change)
* Increase OELAYOUT_ABI: this is required because the
  xf86-video-modesetting package moves from its own recipe to
  xserver-xorg and sanity check cannot handle that currently.
  The upgrade will delete old xf86-video-modesetting files from
  sysroots.
* Remove upstreamed xserver-xorg patches
* Remove xf86-video-modesetting recipe: the driver is now included in
  xserver-xorg recipe, which now produces the xf86-video-modesetting
  package. The package version changes from 0.9 to 1.17.1
* Update xserver-xorg license checksum: modesetting license
  info (another MIT one) has been added to the file

(From OE-Core rev: 950846d019ffac21909a96d90af8cf7e5bdd5738)

Signed-off-by: Jussi Kukkonen <jussi.kukkonen@intel.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
2015-06-03 16:38:48 +01:00
Ross Burton
0321760d77 xserver-xorg: use GCC 5 patch from upstream
Upstream has already fixed the GCC 5 problem, so use the patch from upstream.

(From OE-Core rev: 15b39bfbb1a0263ac194a9833175b72ab7345ebd)

Signed-off-by: Ross Burton <ross.burton@intel.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
2015-04-30 23:04:11 +01:00