Age | Commit message (Collapse) | Author |
|
Add some test files and routines for dbus policy checking.
|
|
Add policy_check() to actually check whether an incoming message is allowed
by the policy. The code is not yet used from the proxy daemon, though.
|
|
|
|
This function is quite useful for debugging. Exiting from it seems
unnecessary.
|
|
Instead of making the function call itself recursively.
|
|
Do the lookup during parsing already, and set i->uid, or i->gid to the
numerical values.
|
|
|
|
In the D-Bus policy, the order of items matters, so make sure to store them
in the same order as they are parsed by the sax parser.
|
|
|
|
The GETXY ioctls of DRM are usually called twice by libdrm: Once to
retrieve the number of objects, a second time with suitably sized buffers
to actually retrieve all objects. In grdrm, we avoid these excessive calls
and instead just call ioctls with cached buffers and resize them if they
were too small.
However, connectors need to read the mode list via EDID, which is horribly
slow. As the kernel still cannot do that asynchronously (seriously, we
need to fix this!), it has a hack to only do it if count_modes==0. This is
fine with libdrm, as it calls every ioctl twice, anyway. However, we fail
horribly with this as we usually never pass 0.
Fix this by calling into GETCONNECTOR ioctls twice in case we received an
hotplug event. Only in those cases, we need to re-read modes, so this
should be totally fine.
|
|
Multiple issues here:
1) Don't print excessive card dumps on each resync. Disable it and make
developers add it themselves.
2) Ignore EINVAL on page-flips. Some cards don't support page-flips, so
we'd print it on each frame. Maybe, at some point, the kernel will add
support to retrieve capabilities for that. Until then, simply ignore
it.
3) Replace the now dropped card-dump with a short message about resyncing
the card.
|
|
Whenever we cannot use hardware frame events, we now schedule a virtual
frame event to make sure applications don't have to do this. Usually,
applications render only on data changes, but we can further reduce
render-time by also limiting rendering to vsyncs.
|
|
Whenever a display is added or changed, we suppressed any frame events.
Make sure to raise them manually so we can avoid rendering when handling
anything but FRAME events.
|
|
This helper is quite huge, split it apart to make it easier to follow.
|
|
Whenever we get udev hotplug events, re-read the device state so we
properly detect any changed in the display setups.
|
|
If we get udev-device events via sysview, but they lack devnum
annotations, we know it cannot be a DRM card. Look through it's parents
and treat it as hotplug event in case we find such a card.
This will treat any new/removed connectors as sub-devices of the real
card, instead of as devices on its own.
|
|
Properly forward DEVICE_CHANGE events into grdev so we can react to
changing display setups.
|
|
The high frequency of the color-morphing is kinda irritating. Reduce it
to a much lower frequency so you can actually look at it longer than few
seconds.
|
|
So far, we only forward DRM cards via sysview APIs. However, with MST,
connectors can be hotplugged, too. Forward the connectors as first-level
devices via sysview so API users can react to changing DRM connectors.
|
|
Whe need to react to "change" events on devices, but we want to avoid
duplicating udev-monitors everywhere. Therefore, make sysview forward
change events to the sysview controllers, which can then properly react
to it.
|
|
When deciding what seat a device is on, we have to traverse all parents
to find one with an ID_SEAT tag, otherwise, input devices plugged on a
seated USB-hub are not automatically attached to the right seat. But any
tags on the main device still overwrite the tags of the childs, so fix our
logic to check the device itself first, before traversing the parents.
|
|
Reported by: James Lott <james@lottspot.com>
|
|
The systemd-modeset tool is meant to debug grdev issues. It simply
displays morphing colors on any found display. This is pretty handy to
look for tearing in the backends and debug hotplug issues.
Note that this tool requires systemd-logind to be compiled from git
(there're important fixes that haven't been released, yet).
|
|
The grdev-drm backend manages DRM cards for grdev. Any DRM card with
DUMB_BUFFER support can be used. So far, our policy is to configure all
available connectors, but keep pipes inactive as long as users don't
enable the displays on top.
We hard-code double-buffering so far, but can easily support
single-buffering or n-buffering. We also require XRGB8888 as format as
this is required to be supported by all DRM drivers and it is what VTs
use. This allows us to switch from VTs to grdev via page-flips instead of
deep modesets.
There is still a lot room for improvements in this backend, but it works
smoothly so far so more enhanced features can be added later.
|
|
The grdev layer provides graphics-device access via the
libsystemd-terminal library. It will be used by all terminal helpers to
actually access display hardware.
Like idev, the grdev layer is built around session objects. On each
session object you add/remove graphics devices as they appear and vanish.
Any device type can be supported via specific card-backends. The exported
grdev API hides any device details.
Graphics devices are represented by "cards". Those are hidden in the
session and any pipe-configuration is automatically applied. Out of those,
we configure displays which are then exported to the API user. Displays
are meant as lowest hardware entity available outside of grdev. The
underlying pipe configuration is fully hidden and not accessible from the
outside. The grdev tiling layer allows almost arbitrary setups out of
multiple pipes, but so far we only use a small subset of this. More will
follow.
A grdev-display is meant to represent real connected displays/monitors.
The upper level screen arrangements are user policy and not controlled by
grdev. Applications are free to apply any policy they want.
Real card-backends will follow in later patches.
|
|
If a session controller does not need synchronous VT switches, we allow
them to pass VT control to logind, which acknowledges all VT switches
unconditionally. This works fine with all sessions using the dbus API,
but causes out-of-sync device use if we switch to legacy sessions that
are notified via VT signals. Those are processed before logind notices
the session-switch via sysfs. Therefore, leaving the old session still
active for a short amount of time.
This, in fact, may cause the legacy session to prepare graphics devices
before the old session was deactivated, and thus, maybe causing the old
session to interfer with graphics device usage.
Fix this by releasing devices immediately before acknowledging VT
switches. This way, sessions without VT handlers are required to support
async session switching (which they do in that case, anyway).
|
|
This makes possible to spawn service instances triggered by socket with
MLS/MCS SELinux labels which are created based on information provided by
connected peer.
Implementation of label_get_child_mls_label derived from xinetd.
Reviewed-by: Paul Moore <pmoore@redhat.com>
|
|
Also modernize a few other things and add comments to explain CID #1237503
and CID #1237504.
|
|
Found by coverity. Fixes: CID#1237512
|
|
|
|
|
|
TIOCSIG is linux specific, so include the linux ioctl header to make sure
it's defined. We currently rely on some rather non-obvious recursive
includes. Make sure its always defined regardless of the system headers.
|
|
c > 0 is already guaranteed from earlier checks.
We go from
ms = ALIGN(l+1) +
sizeof(char*) +
(c > 0 ? c : 1) * ALIGN(alen) +
(c > 0 ? c+1 : 2) * sizeof(char*);
to
ms = ALIGN(l+1) +
sizeof(char*) +
c * ALIGN(alen) +
(c+1) * sizeof(char*);
to
ms = ALIGN(l+1) + c * ALIGN(alen) + (c+2) * sizeof(char*);
Found by coverity. Fixes: CID#1237570 and CID#1237610
|
|
Fonud by Coverity. Fixes CID #1237534.
|
|
|
|
Spotted by Andreas Henriksson.
|
|
No functional change.
Found by Coverity. Fixes CID #1237533.
|
|
No functional change, just log the warning.
Fonud by Coverity. Fixes CID #1237544.
|
|
Fonud by Coverity. Fixes CID #996255.
|
|
One reported by Coverity. Fixes CID #996252.
|
|
Found by Coverity. Fixes CID #1238780.
|
|
Handle sd_event_default returning error and bail out properly
as done in every other caller of this function.
Found by coverity. Fixes: CID#1238957
|
|
Gcc is spewing some warnings about uninitialized variables.
Let's get rid of the noise.
|
|
Gcc is spewing some warnings about uninitialized variables.
Let's get rid of the noise.
|
|
When compiling we see this curl warning popping up:
src/journal-remote/journal-upload.c:194:17: warning: call to
‘_curl_easy_setopt_err_error_buffer’ declared with attribute
warning: curl_easy_setopt expects a char buffer of CURL_ERROR_SIZE
as argument for this option [enabled by default]
This patch removes the warning (which occurs twice).
|
|
|
|
|
|
|
|
|
|
There is a very unlikely case where this can happen since gcc usually
does the sane thing. But let's make sure found_last is initialized anyway.
Fixes: CID#996386
|