diff options
Diffstat (limited to 'patches/source/xorg-server')
23 files changed, 1400 insertions, 0 deletions
diff --git a/patches/source/xorg-server/arch.use.flags b/patches/source/xorg-server/arch.use.flags new file mode 100644 index 000000000..f28a6ccab --- /dev/null +++ b/patches/source/xorg-server/arch.use.flags @@ -0,0 +1,7 @@ +if [ "$ARCH" = "i486" ]; then + SLKCFLAGS="-O2 -march=i486 -mtune=i686" +elif [ "$ARCH" = "s390" ]; then + SLKCFLAGS="-O2" +elif [ "$ARCH" = "x86_64" ]; then + SLKCFLAGS="-O2 -fPIC" +fi diff --git a/patches/source/xorg-server/build/xorg-server b/patches/source/xorg-server/build/xorg-server new file mode 100644 index 000000000..d60cb103b --- /dev/null +++ b/patches/source/xorg-server/build/xorg-server @@ -0,0 +1 @@ +5_slack14.0 diff --git a/patches/source/xorg-server/configure/xorg-server b/patches/source/xorg-server/configure/xorg-server new file mode 100644 index 000000000..778d7668a --- /dev/null +++ b/patches/source/xorg-server/configure/xorg-server @@ -0,0 +1,44 @@ +# Servers to build: +BUILD_SERVERS="--enable-xorg \ + --enable-dmx \ + --enable-xvfb \ + --enable-xnest \ + --enable-kdrive \ + --enable-xephyr \ + --enable-xfbdev \ + --enable-config-udev \ + --disable-config-hal" + +MESA_VERSION=${MESA_VERSION:-7.5} # unused in 1.7+ + +# Default font paths to be used by the X server +DEF_FONTPATH="/usr/share/fonts/local,/usr/share/fonts/TTF,/usr/share/fonts/OTF,/usr/share/fonts/Type1,/usr/share/fonts/misc,/usr/share/fonts/CID,/usr/share/fonts/75dpi/:unscaled,/usr/share/fonts/100dpi/:unscaled,/usr/share/fonts/75dpi,/usr/share/fonts/100dpi,/usr/share/fonts/cyrillic" + +CFLAGS="$SLKCFLAGS" \ +./configure \ + --prefix=/usr \ + --libdir=/usr/lib${LIBDIRSUFFIX} \ + --sysconfdir=/etc \ + --localstatedir=/var \ + --infodir=/usr/info \ + --mandir=/usr/man \ + --disable-static \ + --with-pic \ + --with-int10=x86emu \ + --with-default-font-path="${DEF_FONTPATH}" \ + --with-module-dir=/usr/lib${LIBDIRSUFFIX}/xorg/modules \ + --with-os-name="Slackware 14.0" \ + --with-os-vendor="Slackware Linux Project" \ + --with-xkb-path=/etc/X11/xkb \ + --with-xkb-output=/var/lib/xkb \ + $BUILD_SERVERS \ + --build=$ARCH-slackware-linux + +# --with-dri-driver-path=/usr/lib${LIBDIRSUFFIX}/xorg/modules/dri + +if [ "$ARCH" = "x86_64" ]; then + # To prevent the error "No rule to make target `-ldl'" + sed -i -e 's#-ldl##' hw/xfree86/Makefile + sed -i -e 's#-lm#-lm -ldl#' hw/xfree86/Makefile +fi + diff --git a/patches/source/xorg-server/makepkg/xorg-server b/patches/source/xorg-server/makepkg/xorg-server new file mode 100644 index 000000000..67b93c971 --- /dev/null +++ b/patches/source/xorg-server/makepkg/xorg-server @@ -0,0 +1,35 @@ + +rm -r ${SLACK_X_BUILD_DIR}/package-xorg-server-xnest +mkdir -p ${SLACK_X_BUILD_DIR}/package-xorg-server-xnest/usr/bin +mv $PKG/usr/bin/Xnest ${SLACK_X_BUILD_DIR}/package-xorg-server-xnest/usr/bin +mkdir -p ${SLACK_X_BUILD_DIR}/package-xorg-server-xnest/usr/man/man1 +mv $PKG/usr/man/man1/Xnest.1.gz ${SLACK_X_BUILD_DIR}/package-xorg-server-xnest/usr/man/man1 +mkdir -p ${SLACK_X_BUILD_DIR}/package-xorg-server-xnest/install +cat $CWD/slack-desc/xorg-server-xnest > ${SLACK_X_BUILD_DIR}/package-xorg-server-xnest/install/slack-desc +cd ${SLACK_X_BUILD_DIR}/package-xorg-server-xnest +/sbin/makepkg -l y -c n ${SLACK_X_BUILD_DIR}/xorg-server-xnest-${MODULAR_PACKAGE_VERSION}-$ARCH-$BUILD.txz + +rm -r ${SLACK_X_BUILD_DIR}/package-xorg-server-xvfb +mkdir -p ${SLACK_X_BUILD_DIR}/package-xorg-server-xvfb/usr/bin +mv $PKG/usr/bin/Xvfb ${SLACK_X_BUILD_DIR}/package-xorg-server-xvfb/usr/bin +mkdir -p ${SLACK_X_BUILD_DIR}/package-xorg-server-xvfb/usr/man/man1 +mv $PKG/usr/man/man1/Xvfb.1.gz ${SLACK_X_BUILD_DIR}/package-xorg-server-xvfb/usr/man/man1 +mkdir -p ${SLACK_X_BUILD_DIR}/package-xorg-server-xvfb/install +cat $CWD/slack-desc/xorg-server-xvfb > ${SLACK_X_BUILD_DIR}/package-xorg-server-xvfb/install/slack-desc +cd ${SLACK_X_BUILD_DIR}/package-xorg-server-xvfb +/sbin/makepkg -l y -c n ${SLACK_X_BUILD_DIR}/xorg-server-xvfb-${MODULAR_PACKAGE_VERSION}-$ARCH-$BUILD.txz + +rm -r ${SLACK_X_BUILD_DIR}/package-xorg-server-xephyr +mkdir -p ${SLACK_X_BUILD_DIR}/package-xorg-server-xephyr/usr/bin +mv $PKG/usr/bin/Xephyr ${SLACK_X_BUILD_DIR}/package-xorg-server-xephyr/usr/bin +mkdir -p ${SLACK_X_BUILD_DIR}/package-xorg-server-xephyr/usr/man/man1 +mv $PKG/usr/man/man1/Xephyr.1.gz ${SLACK_X_BUILD_DIR}/package-xorg-server-xephyr/usr/man/man1 +mkdir -p ${SLACK_X_BUILD_DIR}/package-xorg-server-xephyr/install +cat $CWD/slack-desc/xorg-server-xephyr > ${SLACK_X_BUILD_DIR}/package-xorg-server-xephyr/install/slack-desc +cd ${SLACK_X_BUILD_DIR}/package-xorg-server-xephyr +/sbin/makepkg -l y -c n ${SLACK_X_BUILD_DIR}/xorg-server-xephyr-${MODULAR_PACKAGE_VERSION}-$ARCH-$BUILD.txz + +# Build the main xorg-server package: +cd $PKG +/sbin/makepkg -l y -c n ${SLACK_X_BUILD_DIR}/xorg-server-${MODULAR_PACKAGE_VERSION}-$ARCH-$BUILD.txz + diff --git a/patches/source/xorg-server/modularize b/patches/source/xorg-server/modularize new file mode 100644 index 000000000..d6eb2f68a --- /dev/null +++ b/patches/source/xorg-server/modularize @@ -0,0 +1,265 @@ +# If a package is listed here, it will be built apart from the +# usual "grab bag" package that's made from each source directory. + +appres +bdftopcf +beforelight +bigreqsproto +bitmap +compiz +compositeproto +damageproto +dmxproto +dri2proto +editres +encodings +evieext +fixesproto +font-adobe-100dpi +font-adobe-75dpi +font-adobe-utopia-100dpi +font-adobe-utopia-75dpi +font-adobe-utopia-type1 +font-alias +font-arabic-misc +font-bh-100dpi +font-bh-75dpi +font-bh-lucidatypewriter-100dpi +font-bh-lucidatypewriter-75dpi +font-bh-ttf +font-bh-type1 +font-bitstream-100dpi +font-bitstream-75dpi +font-bitstream-speedo +font-bitstream-type1 +font-cronyx-cyrillic +font-cursor-misc +font-daewoo-misc +font-dec-misc +font-ibm-type1 +font-isas-misc +font-jis-misc +font-micro-misc +font-misc-cyrillic +font-misc-ethiopic +font-misc-meltho +font-misc-misc +font-mutt-misc +font-schumacher-misc +font-screen-cyrillic +font-sony-misc +font-sun-misc +font-util +font-winitzki-cyrillic +font-xfree86-type1 +fontcacheproto +fontsproto +fonttosfnt +fslsfonts +fstobdf +gccmakedep +glproto +iceauth +ico +imake +inputproto +intel-gpu-tools +kbproto +libFS +libICE +libSM +libX11 +libXScrnSaver +libXau +libXaw +libXaw3d +libXcm +libXcomposite +libXcursor +libXdamage +libXdmcp +libXevie +libXext +libXfixes +libXfont +libXfontcache +libXft +libXi +libXinerama +libXmu +libXp +libXpm +libXrandr +libXrender +libXres +libXt +libXtst +libXv +libXvMC +libXxf86dga +libXxf86misc +libXxf86vm +libdmx +libfontenc +libpciaccess +libpthread-stubs +libxcb +libxkbfile +listres +lndir +luit +makedepend +mkcomposecache +mkfontdir +mkfontscale +oclock +pixman +printproto +randrproto +recordproto +rendercheck +renderproto +resourceproto +rgb +scrnsaverproto +sessreg +setxkbmap +showfont +smproxy +twm +util-macros +videoproto +viewres +x11perf +xauth +xbacklight +xbiff +xbitmaps +xcalc +xcb-proto +xcb-util +xcb-util-image +xcb-util-keysyms +xcb-util-renderutil +xcb-util-wm +xclipboard +xclock +xcmiscproto +xcmsdb +xcompmgr +xconsole +xcursor-themes +xcursorgen +xdbedizzy +xditview +xdm +xdpyinfo +xdriinfo +xedit +xev +xextproto +xeyes +xf86-input-acecad +xf86-input-aiptek +xf86-input-evdev +xf86-input-joystick +xf86-input-penmount +xf86-input-synaptics +xf86-input-vmmouse +xf86-input-void +xf86-input-wacom +xf86-video-apm +xf86-video-ark +xf86-video-ast +xf86-video-ati +xf86-video-chips +xf86-video-cirrus +xf86-video-dummy +xf86-video-geode +xf86-video-glint +xf86-video-i128 +xf86-video-i740 +xf86-video-intel +xf86-video-mach64 +xf86-video-mga +xf86-video-modesetting +xf86-video-neomagic +xf86-video-nouveau +xf86-video-nv +xf86-video-openchrome +xf86-video-qxl +xf86-video-r128 +xf86-video-rendition +xf86-video-s3 +xf86-video-s3virge +xf86-video-savage +xf86-video-siliconmotion +xf86-video-sis +xf86-video-sisusb +xf86-video-tdfx +xf86-video-tga +xf86-video-trident +xf86-video-tseng +xf86-video-v4l +xf86-video-vesa +xf86-video-vmware +xf86-video-voodoo +xf86-video-xgi +xf86bigfontproto +xf86dga +xf86dgaproto +xf86driproto +xf86miscproto +xf86vidmodeproto +xfd +xfontsel +xfs +xfsinfo +xgamma +xgc +xhost +xineramaproto +xinit +xinput +xkbcomp +xkbevd +xkbprint +xkbutils +xkeyboard-config +xkill +xload +xlogo +xlsatoms +xlsclients +xlsfonts +xmag +xman +xmessage +xmh +xmodmap +xmore +xorg-cf-files +xorg-docs +xorg-server +xorg-server-xephyr +xorg-server-xnest +xorg-server-xvfb +xorg-sgml-doctools +xpr +xprop +xproto +xpyb +xrandr +xrdb +xrefresh +xscope +xset +xsetroot +xsm +xstdcmap +xtrans +xvidtune +xvinfo +xwd +xwininfo +xwud diff --git a/patches/source/xorg-server/noarch b/patches/source/xorg-server/noarch new file mode 100644 index 000000000..480ffc26c --- /dev/null +++ b/patches/source/xorg-server/noarch @@ -0,0 +1,76 @@ +# List packages with an $ARCH of "noarch" (i.e. packages +# that contain no binaries) here: +bigreqsproto +compositeproto +damageproto +dejavu-ttf +dmxproto +encodings +evieext +font-adobe-100dpi +font-adobe-75dpi +font-adobe-utopia-100dpi +font-adobe-utopia-75dpi +font-adobe-utopia-type1 +font-alias +font-arabic-misc +font-bh-100dpi +font-bh-75dpi +font-bh-lucidatypewriter-100dpi +font-bh-lucidatypewriter-75dpi +font-bh-ttf +font-bh-type1 +font-bitstream-100dpi +font-bitstream-75dpi +font-bitstream-speedo +font-bitstream-type1 +font-cronyx-cyrillic +font-cursor-misc +font-daewoo-misc +font-dec-misc +font-ibm-type1 +font-isas-misc +font-jis-misc +font-micro-misc +font-misc-cyrillic +font-misc-ethiopic +font-misc-meltho +font-misc-misc +font-mutt-misc +font-schumacher-misc +font-screen-cyrillic +font-sony-misc +font-sun-misc +font-winitzki-cyrillic +font-xfree86-type1 +fontcacheproto +fontsproto +gccmakedep +glproto +inputproto +kbproto +libpthread-stubs +mkfontdir +printproto +randrproto +recordproto +renderproto +resourceproto +scrnsaverproto +ttf-indic-fonts +util-macros +videoproto +x11-skel +xcmiscproto +xcursor-themes +xf86bigfontproto +xf86dgaproto +xf86driproto +xf86miscproto +xf86vidmodeproto +xineramaproto +xkeyboard-config +xorg-cf-files +xorg-docs +xproto +xtrans diff --git a/patches/source/xorg-server/package-blacklist b/patches/source/xorg-server/package-blacklist new file mode 100644 index 000000000..377624999 --- /dev/null +++ b/patches/source/xorg-server/package-blacklist @@ -0,0 +1,39 @@ +# Enter packages to skip (perhaps because they aren't used on +# this platform) below. Just the package name -- no version +# number is needed. + +# MacOS related packages: +applewmproto +windowswmproto +libAppleWM +libWindowsWM + +# Sun video cards: +xf86-video-sunbw2 +xf86-video-suncg14 +xf86-video-suncg3 +xf86-video-suncg6 +xf86-video-sunffb +xf86-video-sunleo +xf86-video-suntcx + +# Obsolete packages: +liboldX +xf86-video-amd +xf86-video-via +xkbdata +xphelloworld +xrx + +# Not applicable to us +grandr +constype + +# CAREFUL NOT TO "SHIP" THE STUFF BELOW IN THE MAIN X PACKAGES DIR! + +# This is probably obsolete, and kills "X -configure" too +xf86-video-nsc + +# We don't want this one, as it causes failure of X with no xorg.conf +xf86-video-fbdev + diff --git a/patches/source/xorg-server/patch/xorg-server.patch b/patches/source/xorg-server/patch/xorg-server.patch new file mode 100644 index 000000000..40ac4ca02 --- /dev/null +++ b/patches/source/xorg-server/patch/xorg-server.patch @@ -0,0 +1,8 @@ +zcat $CWD/patch/xorg-server/x11.startwithblackscreen.diff.gz | patch -p1 --verbose || { touch ${SLACK_X_BUILD_DIR}/${PKGNAME}.failed ; continue ; } +zcat $CWD/patch/xorg-server/xorg-server.CVE-2013-1940.diff.gz | patch -p1 --verbose || { touch ${SLACK_X_BUILD_DIR}/${PKGNAME}.failed ; continue ; } +zcat $CWD/patch/xorg-server/xorg-server.CVE-2013-4396.diff.gz | patch -p1 --verbose || { touch ${SLACK_X_BUILD_DIR}/${PKGNAME}.failed ; continue ; } +zcat $CWD/patch/xorg-server/xorg-server.CVE-2017-10971.diff.gz | patch -p1 --verbose || { touch ${SLACK_X_BUILD_DIR}/${PKGNAME}.failed ; continue ; } +zcat $CWD/patch/xorg-server/xorg-server.CVE-2017-10972.diff.gz | patch -p1 --verbose || { touch ${SLACK_X_BUILD_DIR}/${PKGNAME}.failed ; continue ; } +zcat $CWD/patch/xorg-server/xorg-server.CVE-2017-13723.diff.gz | patch -p1 --verbose || { touch ${SLACK_X_BUILD_DIR}/${PKGNAME}.failed ; continue ; } +zcat $CWD/patch/xorg-server/xorg-server.CVE-2017-12176.diff.gz | patch -p1 --verbose || { touch ${SLACK_X_BUILD_DIR}/${PKGNAME}.failed ; continue ; } +zcat $CWD/patch/xorg-server/xorg-server.CVE-2017-12183.diff.gz | patch -p1 --verbose || { touch ${SLACK_X_BUILD_DIR}/${PKGNAME}.failed ; continue ; } diff --git a/patches/source/xorg-server/patch/xorg-server/x11.startwithblackscreen.diff b/patches/source/xorg-server/patch/xorg-server/x11.startwithblackscreen.diff new file mode 100644 index 000000000..8c0e3b546 --- /dev/null +++ b/patches/source/xorg-server/patch/xorg-server/x11.startwithblackscreen.diff @@ -0,0 +1,14 @@ +diff -Nur xorg-server-1.12.1.orig/dix/window.c xorg-server-1.12.1/dix/window.c +--- xorg-server-1.12.1.orig/dix/window.c 2012-03-29 21:57:25.000000000 -0500 ++++ xorg-server-1.12.1/dix/window.c 2012-04-13 22:01:24.456073603 -0500 +@@ -145,8 +145,8 @@ + + Bool bgNoneRoot = FALSE; + +-static unsigned char _back_lsb[4] = { 0x88, 0x22, 0x44, 0x11 }; +-static unsigned char _back_msb[4] = { 0x11, 0x44, 0x22, 0x88 }; ++static unsigned char _back_lsb[4] = { 0x00, 0x00, 0x00, 0x00 }; ++static unsigned char _back_msb[4] = { 0x00, 0x00, 0x00, 0x00 }; + + static Bool WindowParentHasDeviceCursor(WindowPtr pWin, + DeviceIntPtr pDev, CursorPtr pCurs); diff --git a/patches/source/xorg-server/patch/xorg-server/xorg-server.CVE-2013-1940.diff b/patches/source/xorg-server/patch/xorg-server/xorg-server.CVE-2013-1940.diff new file mode 100644 index 000000000..3d38e6fdf --- /dev/null +++ b/patches/source/xorg-server/patch/xorg-server/xorg-server.CVE-2013-1940.diff @@ -0,0 +1,12 @@ +--- ./hw/xfree86/os-support/shared/posix_tty.c.orig 2012-05-17 12:09:03.000000000 -0500 ++++ ./hw/xfree86/os-support/shared/posix_tty.c 2013-04-18 17:50:29.790140871 -0500 +@@ -421,7 +421,8 @@ + { + fd_set fds; + struct timeval timeout; +- char c[4]; ++ /* this needs to be big enough to flush an evdev event. */ ++ char c[256]; + + DebugF("FlushingSerial\n"); + if (tcflush(fd, TCIFLUSH) == 0) diff --git a/patches/source/xorg-server/patch/xorg-server/xorg-server.CVE-2013-4396.diff b/patches/source/xorg-server/patch/xorg-server/xorg-server.CVE-2013-4396.diff new file mode 100644 index 000000000..14c31782f --- /dev/null +++ b/patches/source/xorg-server/patch/xorg-server/xorg-server.CVE-2013-4396.diff @@ -0,0 +1,73 @@ +From 7bddc2ba16a2a15773c2ea8947059afa27727764 Mon Sep 17 00:00:00 2001 +From: Alan Coopersmith <alan.coopersmith at oracle.com> +Date: Mon, 16 Sep 2013 21:47:16 -0700 +Subject: [PATCH] Avoid use-after-free in dix/dixfonts.c: doImageText() + [CVE-2013-4396] + +Save a pointer to the passed in closure structure before copying it +and overwriting the *c pointer to point to our copy instead of the +original. If we hit an error, once we free(c), reset c to point to +the original structure before jumping to the cleanup code that +references *c. + +Since one of the errors being checked for is whether the server was +able to malloc(c->nChars * itemSize), the client can potentially pass +a number of characters chosen to cause the malloc to fail and the +error path to be taken, resulting in the read from freed memory. + +Since the memory is accessed almost immediately afterwards, and the +X server is mostly single threaded, the odds of the free memory having +invalid contents are low with most malloc implementations when not using +memory debugging features, but some allocators will definitely overwrite +the memory there, leading to a likely crash. + +Reported-by: Pedro Ribeiro <pedrib at gmail.com> +Signed-off-by: Alan Coopersmith <alan.coopersmith at oracle.com> +Reviewed-by: Julien Cristau <jcristau at debian.org> +--- + dix/dixfonts.c | 5 +++++ + 1 file changed, 5 insertions(+) + +diff --git a/dix/dixfonts.c b/dix/dixfonts.c +index feb765d..2e34d37 100644 +--- a/dix/dixfonts.c ++++ b/dix/dixfonts.c +@@ -1425,6 +1425,7 @@ doImageText(ClientPtr client, ITclosurePtr c) + GC *pGC; + unsigned char *data; + ITclosurePtr new_closure; ++ ITclosurePtr old_closure; + + /* We're putting the client to sleep. We need to + save some state. Similar problem to that handled +@@ -1436,12 +1437,14 @@ doImageText(ClientPtr client, ITclosurePtr c) + err = BadAlloc; + goto bail; + } ++ old_closure = c; + *new_closure = *c; + c = new_closure; + + data = malloc(c->nChars * itemSize); + if (!data) { + free(c); ++ c = old_closure; + err = BadAlloc; + goto bail; + } +@@ -1452,6 +1455,7 @@ doImageText(ClientPtr client, ITclosurePtr c) + if (!pGC) { + free(c->data); + free(c); ++ c = old_closure; + err = BadAlloc; + goto bail; + } +@@ -1464,6 +1468,7 @@ doImageText(ClientPtr client, ITclosurePtr c) + FreeScratchGC(pGC); + free(c->data); + free(c); ++ c = old_closure; + err = BadAlloc; + goto bail; + } diff --git a/patches/source/xorg-server/patch/xorg-server/xorg-server.CVE-2017-10971.diff b/patches/source/xorg-server/patch/xorg-server/xorg-server.CVE-2017-10971.diff new file mode 100644 index 000000000..00ed28ac3 --- /dev/null +++ b/patches/source/xorg-server/patch/xorg-server/xorg-server.CVE-2017-10971.diff @@ -0,0 +1,40 @@ +From ba336b24052122b136486961c82deac76bbde455 Mon Sep 17 00:00:00 2001 +From: Michal Srb <msrb@suse.com> +Date: Wed, 24 May 2017 15:54:42 +0300 +Subject: Xi: Do not try to swap GenericEvent. + +The SProcXSendExtensionEvent must not attempt to swap GenericEvent because +it is assuming that the event has fixed size and gives the swapping function +xEvent-sized buffer. + +A GenericEvent would be later rejected by ProcXSendExtensionEvent anyway. + +Signed-off-by: Michal Srb <msrb@suse.com> +Reviewed-by: Peter Hutterer <peter.hutterer@who-t.net> +Signed-off-by: Peter Hutterer <peter.hutterer@who-t.net> + +diff --git a/Xi/sendexev.c b/Xi/sendexev.c +index 5e63bfc..5c2e0fc 100644 +--- a/Xi/sendexev.c ++++ b/Xi/sendexev.c +@@ -95,9 +95,17 @@ SProcXSendExtensionEvent(ClientPtr client) + + eventP = (xEvent *) &stuff[1]; + for (i = 0; i < stuff->num_events; i++, eventP++) { ++ if (eventP->u.u.type == GenericEvent) { ++ client->errorValue = eventP->u.u.type; ++ return BadValue; ++ } ++ + proc = EventSwapVector[eventP->u.u.type & 0177]; +- if (proc == NotImplemented) /* no swapping proc; invalid event type? */ ++ /* no swapping proc; invalid event type? */ ++ if (proc == NotImplemented) { ++ client->errorValue = eventP->u.u.type; + return BadValue; ++ } + (*proc) (eventP, &eventT); + *eventP = eventT; + } +-- +cgit v0.10.2 diff --git a/patches/source/xorg-server/patch/xorg-server/xorg-server.CVE-2017-10972.diff b/patches/source/xorg-server/patch/xorg-server/xorg-server.CVE-2017-10972.diff new file mode 100644 index 000000000..edddc8d66 --- /dev/null +++ b/patches/source/xorg-server/patch/xorg-server/xorg-server.CVE-2017-10972.diff @@ -0,0 +1,36 @@ +From 05442de962d3dc624f79fc1a00eca3ffc5489ced Mon Sep 17 00:00:00 2001 +From: Michal Srb <msrb@suse.com> +Date: Wed, 24 May 2017 15:54:39 +0300 +Subject: Xi: Zero target buffer in SProcXSendExtensionEvent. + +Make sure that the xEvent eventT is initialized with zeros, the same way as +in SProcSendEvent. + +Some event swapping functions do not overwrite all 32 bytes of xEvent +structure, for example XSecurityAuthorizationRevoked. Two cooperating +clients, one swapped and the other not, can send +XSecurityAuthorizationRevoked event to each other to retrieve old stack data +from X server. This can be potentialy misused to go around ASLR or +stack-protector. + +Signed-off-by: Michal Srb <msrb@suse.com> +Reviewed-by: Peter Hutterer <peter.hutterer@who-t.net> +Signed-off-by: Peter Hutterer <peter.hutterer@who-t.net> + +diff --git a/Xi/sendexev.c b/Xi/sendexev.c +index 11d8202..1cf118a 100644 +--- a/Xi/sendexev.c ++++ b/Xi/sendexev.c +@@ -78,7 +78,7 @@ SProcXSendExtensionEvent(ClientPtr client) + { + CARD32 *p; + int i; +- xEvent eventT; ++ xEvent eventT = { .u.u.type = 0 }; + xEvent *eventP; + EventSwapPtr proc; + +-- +cgit v0.10.2 + + diff --git a/patches/source/xorg-server/patch/xorg-server/xorg-server.CVE-2017-12176.diff b/patches/source/xorg-server/patch/xorg-server/xorg-server.CVE-2017-12176.diff new file mode 100644 index 000000000..9caf31247 --- /dev/null +++ b/patches/source/xorg-server/patch/xorg-server/xorg-server.CVE-2017-12176.diff @@ -0,0 +1,31 @@ +From b747da5e25be944337a9cd1415506fc06b70aa81 Mon Sep 17 00:00:00 2001 +From: Nathan Kidd <nkidd@opentext.com> +Date: Fri, 9 Jan 2015 10:15:46 -0500 +Subject: Unvalidated extra length in ProcEstablishConnection (CVE-2017-12176) + +Reviewed-by: Julien Cristau <jcristau@debian.org> +Signed-off-by: Nathan Kidd <nkidd@opentext.com> +Signed-off-by: Julien Cristau <jcristau@debian.org> + +diff --git a/dix/dispatch.c b/dix/dispatch.c +index 8b371b6..176c7a0 100644 +--- a/dix/dispatch.c ++++ b/dix/dispatch.c +@@ -3702,7 +3702,12 @@ ProcEstablishConnection(ClientPtr client) + prefix = (xConnClientPrefix *) ((char *) stuff + sz_xReq); + auth_proto = (char *) prefix + sz_xConnClientPrefix; + auth_string = auth_proto + pad_to_int32(prefix->nbytesAuthProto); +- if ((prefix->majorVersion != X_PROTOCOL) || ++ ++ if ((client->req_len << 2) != sz_xReq + sz_xConnClientPrefix + ++ pad_to_int32(prefix->nbytesAuthProto) + ++ pad_to_int32(prefix->nbytesAuthString)) ++ reason = "Bad length"; ++ else if ((prefix->majorVersion != X_PROTOCOL) || + (prefix->minorVersion != X_PROTOCOL_REVISION)) + reason = "Protocol version mismatch"; + else +-- +cgit v0.10.2 + + diff --git a/patches/source/xorg-server/patch/xorg-server/xorg-server.CVE-2017-12183.diff b/patches/source/xorg-server/patch/xorg-server/xorg-server.CVE-2017-12183.diff new file mode 100644 index 000000000..b88ba950e --- /dev/null +++ b/patches/source/xorg-server/patch/xorg-server/xorg-server.CVE-2017-12183.diff @@ -0,0 +1,95 @@ +From 55caa8b08c84af2b50fbc936cf334a5a93dd7db5 Mon Sep 17 00:00:00 2001 +From: Nathan Kidd <nkidd@opentext.com> +Date: Fri, 9 Jan 2015 11:43:05 -0500 +Subject: xfixes: unvalidated lengths (CVE-2017-12183) + +v2: Use before swap (Jeremy Huddleston Sequoia) + +v3: Fix wrong XFixesCopyRegion checks (Alan Coopersmith) + +Reviewed-by: Alan Coopersmith <alan.coopersmith@oracle.com> +Reviewed-by: Jeremy Huddleston Sequoia <jeremyhu@apple.com> +Reviewed-by: Julien Cristau <jcristau@debian.org> +Signed-off-by: Jeremy Huddleston Sequoia <jeremyhu@apple.com> +Signed-off-by: Nathan Kidd <nkidd@opentext.com> +Signed-off-by: Julien Cristau <jcristau@debian.org> + +diff --git a/xfixes/cursor.c b/xfixes/cursor.c +index c1ab3be..dc447ed 100644 +--- a/xfixes/cursor.c ++++ b/xfixes/cursor.c +@@ -281,6 +281,7 @@ int _X_COLD + SProcXFixesSelectCursorInput(ClientPtr client) + { + REQUEST(xXFixesSelectCursorInputReq); ++ REQUEST_SIZE_MATCH(xXFixesSelectCursorInputReq); + + swaps(&stuff->length); + swapl(&stuff->window); +@@ -414,7 +415,7 @@ ProcXFixesSetCursorName(ClientPtr client) + REQUEST(xXFixesSetCursorNameReq); + Atom atom; + +- REQUEST_AT_LEAST_SIZE(xXFixesSetCursorNameReq); ++ REQUEST_FIXED_SIZE(xXFixesSetCursorNameReq, stuff->nbytes); + VERIFY_CURSOR(pCursor, stuff->cursor, client, DixSetAttrAccess); + tchar = (char *) &stuff[1]; + atom = MakeAtom(tchar, stuff->nbytes, TRUE); +@@ -1007,6 +1008,8 @@ SProcXFixesCreatePointerBarrier(ClientPtr client) + int i; + CARD16 *in_devices = (CARD16 *) &stuff[1]; + ++ REQUEST_AT_LEAST_SIZE(xXFixesCreatePointerBarrierReq); ++ + swaps(&stuff->length); + swaps(&stuff->num_devices); + REQUEST_FIXED_SIZE(xXFixesCreatePointerBarrierReq, pad_to_int32(stuff->num_devices)); +diff --git a/xfixes/region.c b/xfixes/region.c +index e773701..7c0a7d2 100644 +--- a/xfixes/region.c ++++ b/xfixes/region.c +@@ -359,6 +359,7 @@ ProcXFixesCopyRegion(ClientPtr client) + RegionPtr pSource, pDestination; + + REQUEST(xXFixesCopyRegionReq); ++ REQUEST_SIZE_MATCH(xXFixesCopyRegionReq); + + VERIFY_REGION(pSource, stuff->source, client, DixReadAccess); + VERIFY_REGION(pDestination, stuff->destination, client, DixWriteAccess); +@@ -375,7 +376,7 @@ SProcXFixesCopyRegion(ClientPtr client) + REQUEST(xXFixesCopyRegionReq); + + swaps(&stuff->length); +- REQUEST_AT_LEAST_SIZE(xXFixesCopyRegionReq); ++ REQUEST_SIZE_MATCH(xXFixesCopyRegionReq); + swapl(&stuff->source); + swapl(&stuff->destination); + return (*ProcXFixesVector[stuff->xfixesReqType]) (client); +diff --git a/xfixes/saveset.c b/xfixes/saveset.c +index 2043153..fd9c7a1 100644 +--- a/xfixes/saveset.c ++++ b/xfixes/saveset.c +@@ -62,6 +62,7 @@ int _X_COLD + SProcXFixesChangeSaveSet(ClientPtr client) + { + REQUEST(xXFixesChangeSaveSetReq); ++ REQUEST_SIZE_MATCH(xXFixesChangeSaveSetReq); + + swaps(&stuff->length); + swapl(&stuff->window); +diff --git a/xfixes/xfixes.c b/xfixes/xfixes.c +index 77efd64..248bf02 100644 +--- a/xfixes/xfixes.c ++++ b/xfixes/xfixes.c +@@ -160,6 +160,7 @@ static _X_COLD int + SProcXFixesQueryVersion(ClientPtr client) + { + REQUEST(xXFixesQueryVersionReq); ++ REQUEST_SIZE_MATCH(xXFixesQueryVersionReq); + + swaps(&stuff->length); + swapl(&stuff->majorVersion); +-- +cgit v0.10.2 + + diff --git a/patches/source/xorg-server/patch/xorg-server/xorg-server.CVE-2017-13723.diff b/patches/source/xorg-server/patch/xorg-server/xorg-server.CVE-2017-13723.diff new file mode 100644 index 000000000..6e37be485 --- /dev/null +++ b/patches/source/xorg-server/patch/xorg-server/xorg-server.CVE-2017-13723.diff @@ -0,0 +1,116 @@ +From 94f11ca5cf011ef123bd222cabeaef6f424d76ac Mon Sep 17 00:00:00 2001 +From: Keith Packard <keithp@keithp.com> +Date: Thu, 27 Jul 2017 10:08:32 -0700 +Subject: xkb: Handle xkb formated string output safely (CVE-2017-13723) + +Generating strings for XKB data used a single shared static buffer, +which offered several opportunities for errors. Use a ring of +resizable buffers instead, to avoid problems when strings end up +longer than anticipated. + +Reviewed-by: Michal Srb <msrb@suse.com> +Signed-off-by: Keith Packard <keithp@keithp.com> +Signed-off-by: Julien Cristau <jcristau@debian.org> + +diff --git a/xkb/xkbtext.c b/xkb/xkbtext.c +index ead2b1a..d2a2567 100644 +--- a/xkb/xkbtext.c ++++ b/xkb/xkbtext.c +@@ -47,23 +47,27 @@ + + /***====================================================================***/ + +-#define BUFFER_SIZE 512 +- +-static char textBuffer[BUFFER_SIZE]; +-static int tbNext = 0; ++#define NUM_BUFFER 8 ++static struct textBuffer { ++ int size; ++ char *buffer; ++} textBuffer[NUM_BUFFER]; ++static int textBufferIndex; + + static char * + tbGetBuffer(unsigned size) + { +- char *rtrn; ++ struct textBuffer *tb; + +- if (size >= BUFFER_SIZE) +- return NULL; +- if ((BUFFER_SIZE - tbNext) <= size) +- tbNext = 0; +- rtrn = &textBuffer[tbNext]; +- tbNext += size; +- return rtrn; ++ tb = &textBuffer[textBufferIndex]; ++ textBufferIndex = (textBufferIndex + 1) % NUM_BUFFER; ++ ++ if (size > tb->size) { ++ free(tb->buffer); ++ tb->buffer = xnfalloc(size); ++ tb->size = size; ++ } ++ return tb->buffer; + } + + /***====================================================================***/ +@@ -79,8 +83,6 @@ XkbAtomText(Atom atm, unsigned format) + int len; + + len = strlen(atmstr) + 1; +- if (len > BUFFER_SIZE) +- len = BUFFER_SIZE - 2; + rtrn = tbGetBuffer(len); + strlcpy(rtrn, atmstr, len); + } +@@ -128,8 +130,6 @@ XkbVModIndexText(XkbDescPtr xkb, unsigned ndx, unsigned format) + len = strlen(tmp) + 1; + if (format == XkbCFile) + len += 4; +- if (len >= BUFFER_SIZE) +- len = BUFFER_SIZE - 1; + rtrn = tbGetBuffer(len); + if (format == XkbCFile) { + strcpy(rtrn, "vmod_"); +@@ -140,6 +140,8 @@ XkbVModIndexText(XkbDescPtr xkb, unsigned ndx, unsigned format) + return rtrn; + } + ++#define VMOD_BUFFER_SIZE 512 ++ + char * + XkbVModMaskText(XkbDescPtr xkb, + unsigned modMask, unsigned mask, unsigned format) +@@ -147,7 +149,7 @@ XkbVModMaskText(XkbDescPtr xkb, + register int i, bit; + int len; + char *mm, *rtrn; +- char *str, buf[BUFFER_SIZE]; ++ char *str, buf[VMOD_BUFFER_SIZE]; + + if ((modMask == 0) && (mask == 0)) { + rtrn = tbGetBuffer(5); +@@ -173,7 +175,7 @@ XkbVModMaskText(XkbDescPtr xkb, + len = strlen(tmp) + 1 + (str == buf ? 0 : 1); + if (format == XkbCFile) + len += 4; +- if ((str - (buf + len)) <= BUFFER_SIZE) { ++ if ((str - (buf + len)) <= VMOD_BUFFER_SIZE) { + if (str != buf) { + if (format == XkbCFile) + *str++ = '|'; +@@ -199,8 +201,6 @@ XkbVModMaskText(XkbDescPtr xkb, + len = 0; + if (str) + len += strlen(str) + (mm == NULL ? 0 : 1); +- if (len >= BUFFER_SIZE) +- len = BUFFER_SIZE - 1; + rtrn = tbGetBuffer(len + 1); + rtrn[0] = '\0'; + +-- +cgit v0.10.2 + + diff --git a/patches/source/xorg-server/post-install/xorg-server.post-install b/patches/source/xorg-server/post-install/xorg-server.post-install new file mode 100644 index 000000000..e21a0f03a --- /dev/null +++ b/patches/source/xorg-server/post-install/xorg-server.post-install @@ -0,0 +1,66 @@ +# Create the configuration directories for xorg-server 1.9.x +mkdir -p $PKG/etc/X11/xorg.conf.d $PKG/usr/share/X11/xorg.conf.d + +# Create a sample keyboard layout +# Enable zapping by default +cat << EOF > $PKG/usr/share/X11/xorg.conf.d/90-keyboard-layout.conf +Section "InputClass" + Identifier "keyboard-all" + MatchIsKeyboard "on" + MatchDevicePath "/dev/input/event*" + Driver "evdev" + Option "XkbLayout" "us" + #Option "XkbVariant" "" + Option "XkbOptions" "terminate:ctrl_alt_bksp" +EndSection + +# READ THIS FOR CUSTOM KEYBOARD INFORMATION +# +# If you want to add a custom model/layout/variant to X, you will need to COPY +# this file to /etc/X11/xorg.conf.d/ and edit that copy. After editing it to +# suit, you will need to restart X. +# +# Here's an example of the lines from above: +# +# Section "InputClass" +# Identifier "keyboard-all" +# MatchIsKeyboard "on" +# MatchDevicePath "/dev/input/event*" +# Driver "evdev" +# Option "XkbLayout" "us" +# Option "XkbVariant" "intl" +# Option "XkbOptions" "compose:rwin,terminate:ctrl_alt_bksp" +# EndSection +# +# Many desktop environments, including KDE and Xfce, have their own methods to +# configure keyboard layouts and such if you'd like to use them. +# +# If you prefer to use the "old" way of configuring keyboards (without input +# device hotplugging), then you'll need to add the following lines to the +# ServerFlags section of /etc/X11/xorg.conf: +# Option "AllowEmptyInput" "false" +# Option "AutoAddDevices" "false" +# Option "AutoEnableDevices" "false" +# Alternatively, you can break this up into separate "stubs" in the xorg.conf.d/ +# directory, but that's your call. Assuming you elect to keep a monolithic +# /etc/X11/xorg.conf file, you can now edit the Keyboard section as usual. + +EOF + +# Add COPYING file: +mkdir -p $PKG/usr/doc/xorg-server-$MODULAR_PACKAGE_VERSION +cp -a COPYING $PKG/usr/doc/xorg-server-$MODULAR_PACKAGE_VERSION + +# Don't mess with my /var/log/ permissions: +rmdir $PKG/var/log +rmdir $PKG/var + +# While I hate to have X11 take over another generic-sounding +# piece of prime filesystem real estate, this symlink will +# direct (for now) proprietary X drivers into the corrent +# location: + +( cd $PKG/usr/lib + rm -rf modules + ln -sf xorg/modules . +) diff --git a/patches/source/xorg-server/slack-desc/xorg-server b/patches/source/xorg-server/slack-desc/xorg-server new file mode 100644 index 000000000..9d25b405d --- /dev/null +++ b/patches/source/xorg-server/slack-desc/xorg-server @@ -0,0 +1,19 @@ +# HOW TO EDIT THIS FILE: +# The "handy ruler" below makes it easier to edit a package description. Line +# up the first '|' above the ':' following the base package name, and the '|' +# on the right side marks the last column you can put a character in. You must +# make exactly 11 lines for the formatting to be correct. It's also +# customary to leave one space after the ':'. + + |-----handy-ruler------------------------------------------------------| +xorg-server: xorg-server (The Xorg server, the core of the X Window System) +xorg-server: +xorg-server: Xorg is a full featured X server that was originally designed for UNIX +xorg-server: and UNIX-like operating systems running on Intel x86 hardware. It now +xorg-server: runs on a wider range of hardware and OS platforms. This work was +xorg-server: derived by the X.Org Foundation from the XFree86 Project's XFree86 +xorg-server: 4.4rc2 release. The XFree86 release was originally derived from X386 +xorg-server: 1.2 by Thomas Roell which was contributed to X11R5 by Snitily Graphics +xorg-server: Consulting Service. +xorg-server: +xorg-server: The home page for the X project is: http://www.x.org diff --git a/patches/source/xorg-server/slack-desc/xorg-server-xephyr b/patches/source/xorg-server/slack-desc/xorg-server-xephyr new file mode 100644 index 000000000..640f3d189 --- /dev/null +++ b/patches/source/xorg-server/slack-desc/xorg-server-xephyr @@ -0,0 +1,19 @@ +# HOW TO EDIT THIS FILE: +# The "handy ruler" below makes it easier to edit a package description. Line +# up the first '|' above the ':' following the base package name, and the '|' on +# the right side marks the last column you can put a character in. You must make +# exactly 11 lines for the formatting to be correct. It's also customary to +# leave one space after the ':'. + + |-----handy-ruler------------------------------------------------------| +xorg-server-xephyr: xorg-server-xephyr (Improved nested X server/client) +xorg-server-xephyr: +xorg-server-xephyr: Xephyr is a nested X-Client like Xnest, but with some additional +xorg-server-xephyr: features like XRender support. +xorg-server-xephyr: +xorg-server-xephyr: +xorg-server-xephyr: +xorg-server-xephyr: +xorg-server-xephyr: +xorg-server-xephyr: +xorg-server-xephyr: diff --git a/patches/source/xorg-server/slack-desc/xorg-server-xnest b/patches/source/xorg-server/slack-desc/xorg-server-xnest new file mode 100644 index 000000000..393f93bdd --- /dev/null +++ b/patches/source/xorg-server/slack-desc/xorg-server-xnest @@ -0,0 +1,19 @@ +# HOW TO EDIT THIS FILE: +# The "handy ruler" below makes it easier to edit a package description. Line +# up the first '|' above the ':' following the base package name, and the '|' on +# the right side marks the last column you can put a character in. You must make +# exactly 11 lines for the formatting to be correct. It's also customary to +# leave one space after the ':'. + + |-----handy-ruler------------------------------------------------------| +xorg-server-xnest: xorg-server-xnest (a nested X server) +xorg-server-xnest: +xorg-server-xnest: Xnest is an experimental nested server for X that acts as both a +xorg-server-xnest: client and a server. Xnest is a client of the real server which +xorg-server-xnest: manages windows and graphics requests on its behalf. Xnest is a +xorg-server-xnest: server to its own clients. Xnest manages windows and graphics +xorg-server-xnest: requests on their behalf. To these clients Xnest appears to be a +xorg-server-xnest: conventional server. +xorg-server-xnest: +xorg-server-xnest: +xorg-server-xnest: diff --git a/patches/source/xorg-server/slack-desc/xorg-server-xvfb b/patches/source/xorg-server/slack-desc/xorg-server-xvfb new file mode 100644 index 000000000..aff9c642c --- /dev/null +++ b/patches/source/xorg-server/slack-desc/xorg-server-xvfb @@ -0,0 +1,19 @@ +# HOW TO EDIT THIS FILE: +# The "handy ruler" below makes it easier to edit a package description. Line +# up the first '|' above the ':' following the base package name, and the '|' on +# the right side marks the last column you can put a character in. You must make +# exactly 11 lines for the formatting to be correct. It's also customary to +# leave one space after the ':'. + + |-----handy-ruler------------------------------------------------------| +xorg-server-xvfb: xorg-server-xvfb (virtual framebuffer X server) +xorg-server-xvfb: +xorg-server-xvfb: Xvfb is an X server that can run on machines with no display hardware +xorg-server-xvfb: and no physical input devices. It emulates a dumb framebuffer using +xorg-server-xvfb: virtual memory. The primary use of this server is intended to be +xorg-server-xvfb: server testing. The mfb or cfb code for any depth can be exercised +xorg-server-xvfb: with this server without the need for real hardware that supports the +xorg-server-xvfb: desired depths. A secondary use is testing clients against unusual +xorg-server-xvfb: depths and screen configurations. +xorg-server-xvfb: +xorg-server-xvfb: diff --git a/patches/source/xorg-server/x11.SlackBuild b/patches/source/xorg-server/x11.SlackBuild new file mode 100755 index 000000000..ca7297082 --- /dev/null +++ b/patches/source/xorg-server/x11.SlackBuild @@ -0,0 +1,364 @@ +#!/bin/sh +# Copyright 2007-2010 Patrick J. Volkerding, Sebeka, MN, USA +# All rights reserved. +# +# Redistribution and use of this script, with or without modification, is +# permitted provided that the following conditions are met: +# +# 1. Redistributions of this script must retain the above copyright +# notice, this list of conditions and the following disclaimer. +# +# THIS SOFTWARE IS PROVIDED BY THE AUTHOR ``AS IS'' AND ANY EXPRESS OR IMPLIED +# WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF +# MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO +# EVENT SHALL THE AUTHOR BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, +# SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, +# PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; +# OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, +# WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR +# OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF +# ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. + +# To build only a single package group, specify it as $1, like: +# ./x11.SlackBuild lib +# To build only a single package, specify both the source directory +# and the name of the package, like: +# ./x11.SlackBuild lib libX11 + +pkgbase() { + PKGEXT=$(echo $1 | rev | cut -f 1 -d . | rev) + case $PKGEXT in + 'gz' ) + PKGRETURN=$(basename $1 .tar.gz) + ;; + 'bz2' ) + PKGRETURN=$(basename $1 .tar.bz2) + ;; + 'lzma' ) + PKGRETURN=$(basename $1 .tar.lzma) + ;; + 'xz' ) + PKGRETURN=$(basename $1 .tar.xz) + ;; + *) + PKGRETURN=$(basename $1) + ;; + esac + echo $PKGRETURN +} + +# Set initial variables: +CWD=$(pwd) +TMP=${TMP:-/tmp} + +# Automatically determine the architecture we're building on: +if [ -z "$ARCH" ]; then + case "$( uname -m )" in + i?86) export ARCH=i486 ;; + arm*) export ARCH=arm ;; + # Unless $ARCH is already set, use uname -m for all other archs: + *) export ARCH=$( uname -m ) ;; + esac +fi + +# A lot of this stuff just controls the package names this time: +VERSION=${VERSION:-7.5} +BUILD=${BUILD:-1} +PKGARCH=$ARCH +NUMJOBS=${NUMJOBS:-" -j7 "} + +if [ "$ARCH" = "x86_64" ]; then + LIBDIRSUFFIX="64" +else + LIBDIRSUFFIX="" +fi + +# Set up a few useful functions: + +fix_perms() { + chown -R root:root . + find . \ + \( -perm 777 -o -perm 775 -o -perm 711 -o -perm 555 -o -perm 511 \) \ + -exec chmod 755 {} \; -o \ + \( -perm 666 -o -perm 664 -o -perm 600 -o -perm 444 -o -perm 440 -o -perm 400 \) \ + -exec chmod 644 {} \; +} + +process_man_pages() { + # Compress and if needed symlink the man pages: + if [ -d usr/man ]; then + ( cd usr/man + for manpagedir in $(find . -type d -name "man*") ; do + ( cd $manpagedir + for eachpage in $( find . -type l -maxdepth 1) ; do + ln -s $( readlink $eachpage ).gz $eachpage.gz + rm $eachpage + done + gzip -9 *.* + ) + done + ) + fi +} + +process_info_pages() { + # Compress info pages and purge "dir" file from the package: + if [ -d usr/info ]; then + ( cd usr/info + rm -f dir + gzip -9 * + ) + fi +} + +no_usr_share_doc() { + # If there are docs, move them: + if [ -d usr/share/doc ]; then + mkdir -p usr/doc + mv usr/share/doc/* usr/doc + rmdir usr/share/doc + fi +} + +# Set the compile options for the $ARCH being used: +. $CWD/arch.use.flags + +SLACK_X_BUILD_DIR=$TMP/x11-build +mkdir -p $SLACK_X_BUILD_DIR + +# Better have some binaries installed first, as this may not be +# in the "magic order". I built mine by hand through trial-and-error +# before getting this script to work. It wasn't that hard... I think. ;-) +( cd src + for x_source_dir in proto data util xcb lib app doc driver font xserver ; do + # See if $1 is a source directory like "lib": + if [ ! -z "$1" ]; then + if [ ! "$1" = "${x_source_dir}" ]; then + continue + fi + fi + PKG=${SLACK_X_BUILD_DIR}/package-${x_source_dir} + rm -rf $PKG + mkdir -p $PKG + ( cd $x_source_dir + for x_pkg in *.tar.?z* ; do + # Reset $PKGARCH to its initial value: + PKGARCH=$ARCH + PKGNAME=$(echo $x_pkg | rev | cut -f 2- -d - | rev) + # Perhaps $PKGARCH should be something different: + if grep -wq "^$PKGNAME" ${CWD}/noarch ; then + PKGARCH=noarch + fi + if grep -wq "^$PKGNAME" ${CWD}/package-blacklist ; then + continue + fi + cd $SLACK_X_BUILD_DIR + # If $2 is set, we only want to build one package: + if [ ! -z "$2" ]; then + if [ "$2" = "$PKGNAME" ]; then + # Set $PKG to a private dir for the modular package build: + PKG=$SLACK_X_BUILD_DIR/package-$PKGNAME + rm -rf $PKG + mkdir -p $PKG + else + continue + fi + else + echo + echo "Building from source ${x_pkg}" + echo + fi + if grep -wq "^$PKGNAME" ${CWD}/modularize ; then + # Set $PKG to a private dir for the modular package build: + PKG=$SLACK_X_BUILD_DIR/package-$PKGNAME + rm -rf $PKG + mkdir -p $PKG + fi + + # Let's figure out the version number on the modular package: + MODULAR_PACKAGE_VERSION=$(echo $x_pkg | rev | cut -f 3- -d . | cut -f 1 -d - | rev) + + rm -rf $(pkgbase $x_pkg) + tar xf $CWD/src/${x_source_dir}/${x_pkg} || exit 1 + cd $(pkgbase $x_pkg) || exit 1 + + fix_perms + + # If any patches are needed, call this script to apply them: + if [ -r $CWD/patch/${PKGNAME}.patch ]; then + . $CWD/patch/${PKGNAME}.patch + fi + + # I heard somewhere that -O2 breaks some chipset or another. If you encounter + # problems, please contact volkerdi@slackware.com. Thanks! :-) + + # ./configure, using custom configure script if needed: + if [ -r $CWD/configure/${PKGNAME} ]; then + . $CWD/configure/${PKGNAME} + else + # This is the default configure script: + . $CWD/configure/configure + fi + + if ! make $NUMJOBS ; then + touch ${SLACK_X_BUILD_DIR}/${PKGNAME}.failed + continue + fi + + make install DESTDIR=$PKG + + mkdir -p $PKG/usr/doc/${PKGNAME}-${MODULAR_PACKAGE_VERSION} + cp -a \ + AUTHORS* COPYING* INSTALL* README* NEWS* TODO* \ + $PKG/usr/doc/${PKGNAME}-${MODULAR_PACKAGE_VERSION} + + # If there's a ChangeLog, installing at least part of the recent history + # is useful, but don't let it get totally out of control: + if [ -r ChangeLog ]; then + DOCSDIR=$(echo $PKG/usr/doc/${PKGNAME}-$MODULAR_PACKAGE_VERSION) + cat ChangeLog | head -n 1000 > $DOCSDIR/ChangeLog + touch -r ChangeLog $DOCSDIR/ChangeLog + fi + + # Get rid of zero-length junk files: + find $PKG/usr/doc/${PKGNAME}-$MODULAR_PACKAGE_VERSION -type f -size 0 -exec rm --verbose "{}" \; + rmdir --verbose $PKG/usr/doc/${PKGNAME}-$MODULAR_PACKAGE_VERSION 2> /dev/null + + # Strip binaries: + ( cd $PKG + find . | xargs file | grep "executable" | grep ELF | cut -f 1 -d : | xargs strip --strip-unneeded 2> /dev/null + find . | xargs file | grep "shared object" | grep ELF | cut -f 1 -d : | xargs strip --strip-unneeded 2> /dev/null + find . | xargs file | grep "current ar archive" | grep ELF | cut -f 1 -d : | xargs strip -g 2> /dev/null + ) + + # If there's any special post-install things to do, do them: + if [ -r $CWD/post-install/${PKGNAME}.post-install ]; then + RUNSCRIPT=$(mktemp -p $TMP) || exit 1 + cat $CWD/post-install/${PKGNAME}.post-install \ + | sed -e "s#usr/lib#usr/lib${LIBDIRSUFFIX}#g" > $RUNSCRIPT + . $RUNSCRIPT + rm -f $RUNSCRIPT + fi + + # If this package requires some doinst.sh material, add it here: + if [ -r $CWD/doinst.sh/${PKGNAME} ]; then + mkdir -p $PKG/install + cat $CWD/doinst.sh/${PKGNAME} \ + | sed -e "s#usr/lib#usr/lib${LIBDIRSUFFIX}#g" \ + >> $PKG/install/doinst.sh + fi + + # If this is a modular package, build it here: + if [ -d $SLACK_X_BUILD_DIR/package-$PKGNAME ]; then + cd $PKG + process_man_pages + process_info_pages + no_usr_share_doc + mkdir -p $PKG/install + if [ -r $CWD/slack-desc/${PKGNAME} ]; then + cat $CWD/slack-desc/${PKGNAME} > $PKG/install/slack-desc + else + touch $PKG/install/slack-desc-missing + fi + if [ -r $CWD/build/${PKGNAME} ]; then + MODBUILD=$(cat $CWD/build/${PKGNAME}) + else + MODBUILD=$BUILD + fi + if [ -r $CWD/makepkg/${PKGNAME} ]; then + BUILD=$MODBUILD . $CWD/makepkg/${PKGNAME} + else + /sbin/makepkg -l y -c n ${SLACK_X_BUILD_DIR}/${PKGNAME}-${MODULAR_PACKAGE_VERSION}-${PKGARCH}-${MODBUILD}.txz + fi + fi + + # Reset $PKG to assume we're building the whole source dir: + PKG=${SLACK_X_BUILD_DIR}/package-${x_source_dir} + + done + + # Nothing here? Must have been fully modular. :-) + if [ ! -d ${SLACK_X_BUILD_DIR}/package-${x_source_dir}/etc -a \ + ! -d ${SLACK_X_BUILD_DIR}/package-${x_source_dir}/usr ]; then + continue + fi + + # Build an "x11-<sourcedir>" package for anything that wasn't built modular: + # It's safer to consider these to have binaries in them. ;-) + PKGARCH=$ARCH + cd $PKG + process_man_pages + process_info_pages + no_usr_share_doc + # If there are post-install things to do for the combined package, + # we do them here. This could be used for things like making a + # VERSION number for a combined package. :-) + if [ -r $CWD/post-install/x11-${x_source_dir}.post-install ]; then + RUNSCRIPT=$(mktemp -p $TMP) || exit 1 + cat $CWD/post-install/x11-${x_source_dir}.post-install \ + | sed -e "s#usr/lib#usr/lib${LIBDIRSUFFIX}#g" > $RUNSCRIPT + . $RUNSCRIPT + rm -f $RUNSCRIPT + fi + mkdir -p $PKG/install + if [ -r $CWD/slack-desc/x11-${x_source_dir} ]; then + cat $CWD/slack-desc/x11-${x_source_dir} > $PKG/install/slack-desc + else + touch $PKG/install/slack-desc-missing + fi + if [ -r $CWD/doinst.sh/x11-${x_source_dir} ]; then + cat $CWD/doinst.sh/x11-${x_source_dir} \ + | sed -e "s#usr/lib#usr/lib${LIBDIRSUFFIX}#g" \ + >> $PKG/install/doinst.sh + fi + if [ -r $CWD/build/x11-${PKGNAME} ]; then + SRCDIRBUILD=$(cat $CWD/build/x11-${PKGNAME}) + else + SRCDIRBUILD=$BUILD + fi + if [ -r $CWD/makepkg/${PKGNAME} ]; then + BUILD=$MODBUILD . $CWD/makepkg/${PKGNAME} + else + /sbin/makepkg -l y -c n ${SLACK_X_BUILD_DIR}/x11-${x_source_dir}-${VERSION}-${PKGARCH}-${SRCDIRBUILD}.txz + fi + ) + done +) + +exit 0 + +# I don't think I'll be using the following stuff, since I went for the latest in +# "individual", rather than a release. That was mostly because version 7.1 depends +# on a version of Mesa that won't build against kernel headers this new (&etc.). + +# If environment variable "REFRESH" is exported, start by refreshing the source tree: +# export REFRESH yes +if [ ! -z "$REFRESH" ]; then + # Only works once, unless you uncomment above. + unset REFRESH + ( cd patches + lftp -c \ + "lftp ftp://ftp.x.org:/pub/X11R7.1/patches + mirror --delete --dereference . + exit" + chmod 644 * + ) + ( cd src + mkdir -p update everything + for dir in app data deprecated doc driver extras font lib proto util xserver ; do + # We won't really download "update", as problems ensue. Plus, --dereference is + # bringing us updated files when needed, so it's redundant (like "everything"). + if [ ! -d $dir ]; then + mkdir $dir + fi + ( cd $dir + lftp -c \ + "lftp ftp://ftp.x.org:/pub/X11R7.1/src/$dir + mirror -c --delete --dereference --include-glob "*.tar.bz2" . + exit" + chmod 644 * + ) + done + ) +fi + diff --git a/patches/source/xorg-server/xorg-server.SlackBuild b/patches/source/xorg-server/xorg-server.SlackBuild new file mode 100755 index 000000000..688448ec4 --- /dev/null +++ b/patches/source/xorg-server/xorg-server.SlackBuild @@ -0,0 +1,2 @@ +UPGRADE_PACKAGES=no ./x11.SlackBuild xserver xorg-server +mv /tmp/x11-build/*txz /tmp |