path: root/cursor/os-compatibility.c
Commit message | Author | Age | Files | Lines
* cursor: memfd_create: try MFD_NOEXEC_SEAL | 6t8k | 2024-04-21 | 1 | -1/+20
  Effective from Linux 6.3 onward, this creates the memfd without execute
  permissions and prevents that setting from ever being changed.

  A run-time fallback is made to not using MFD_NOEXEC_SEAL when a
  libwayland-cursor compiled on Linux >= 6.3 is run on Linux < 6.3.

  This is a defense-in-depth security measure and silences a respective
  kernel warning; see: https://lwn.net/Articles/918106/

  This implementation is adopted from dnkl's `foot` terminal emulator.

  Signed-off-by: 6t8k <6t8k@noreply.codeberg.org>
* cursor/os-compatibility: handle EINTR gracefully | Olivier Fourdan | 2022-06-09 | 1 | -2/+20
  If os_resize_anonymous_file() called from os_create_anonymous_file()
  fails with EINTR (Interrupted system call), then the buffer allocation
  fails.

  To avoid that, retry posix_fallocate() on EINTR.

  However, in the presence of an alarm, the interrupt may trigger
  repeatedly and prevent a large posix_fallocate() from ever completing
  successfully, so we need to first block SIGALRM to prevent this.

  Signed-off-by: Olivier Fourdan <ofourdan@redhat.com>
* Check that XDG base directories paths are absolute | Antonin Décimo | 2022-06-09 | 1 | -1/+1
  The [spec][1] reads:

  > All paths set in these environment variables must be absolute. If an
  > implementation encounters a relative path in any of these variables it should
  > consider the path invalid and ignore it.

  and

  > If $XDG_DATA_HOME is either not set or empty, a default equal to
  > $HOME/.local/share should be used.

  Testing that the path is absolute also entails that it is non-empty.

  [1]: https://specifications.freedesktop.org/basedir-spec/basedir-spec-latest.html

  Signed-off-by: Antonin Décimo <antonin.decimo@gmail.com>
* cursor/os-compatibility: fix trailing space | Simon Ser | 2022-06-04 | 1 | -1/+1
  Signed-off-by: Simon Ser <contact@emersion.fr>
* cursor/os-compatibility: remove strcpy/strcat usage | Simon Ser | 2022-06-04 | 1 | -3/+5
  These functions don't perform bounds checking, so they are easy to
  misuse and complicate audits.

  Signed-off-by: Simon Ser <contact@emersion.fr>
* cursor: fix typo "insufficent" | Maxime Roussin-Bélanger | 2020-12-17 | 1 | -1/+1
* cursor/os-compatibility: move resizing into a separate function | Jan Beich | 2020-02-23 | 1 | -13/+17
  Signed-off-by: Jan Beich <jbeich@FreeBSD.org>
* cursor: posix_fallocate may fail with EINVAL if not supported | Jan Beich | 2020-02-23 | 1 | -3/+3
  ZFS on FreeBSD >= 12.0 returns EINVAL, see
  https://svnweb.freebsd.org/changeset/base/325320

  Signed-off-by: Jan Beich <jbeich@FreeBSD.org>
* os: fallback for unsupported posix_fallocate | Ihor Antonov | 2020-01-23 | 1 | -3/+8
  Some filesystems do not support fallocate and return EOPNOTSUPP.

  On musl-based distros libwayland-cursor exits abruptly which causes the
  application to crash. Unlike glibc, musl does not provide a fallback
  mechanism for handling unsupported fallocate. Instead, musl developers
  argue that application should handle the case of unsupported system call.

  This commit allows fallback to ftruncate in case when EOPNOTSUPP was
  received.

  Signed-off-by: Ihor Antonov <ihor@antonovs.family>
* cursor: Use memfd_create() when available | Emmanuel Gil Peyrot | 2019-07-21 | 1 | -15/+41
  This (so-far) Linux-only API lets users create file descriptors purely
  in memory, without any backing file on the filesystem and the race
  condition which could ensue when unlink()ing it.

  It also allows seals to be placed on the file, ensuring to every other
  process that we won’t be allowed to shrink the contents, potentially
  causing a SIGBUS when they try reading it.

  This patch is best viewed with the -w option of git log -p.

  Signed-off-by: Emmanuel Gil Peyrot <linkmauve@linkmauve.fr>
  Reviewed-by: Simon Ser <contact@emersion.fr>
* cursor: Remove "weston" from anonymous shm filenames | Derek Foreman | 2016-11-21 | 1 | -1/+1
  This mildly confused me during some debugging, so I guess it wouldn't
  hurt to make the filename more indicative of where it was actually
  created.

  Signed-off-by: Derek Foreman <derekf@osg.samsung.com>
  Reviewed-by: Yong Bakos <ybakos@humanoriented.com>
  Reviewed-by: Giulio Camuffo <giuliocamuffo@gmail.com>
  Reviewed-by: Daniel Stone <daniels@collabora.com>
* cursor: Update boilerplate from MIT X11 license to MIT Expat license | Bryce Harrington | 2015-06-12 | 1 | -16/+19
  Signed-off-by: Bryce Harrington <bryce@osg.samsung.com>
  Reviewed-by: Pekka Paalanen <pekka.paalanen@collabora.co.uk>
* os: use posix_fallocate in creating sharable buffers | Pekka Paalanen | 2013-12-02 | 1 | -1/+18
  If posix_fallocate is available, use it instead of ftruncate. Unlike
  ftruncate, when posix_fallocate succeeds, it guarantees that you cannot
  run out of disk space, when later writing to the mmap()'ed file.

  With posix_fallocate, if os_create_anonymous_file() succeeds, the
  program cannot get a SIGBUS later from accessing this file via mmap. If
  there is insufficient disk space, the function fails and errno is set to
  ENOSPC.

  This is useful on systems, that limit the available buffer space by
  having XDG_RUNTIME_DIR on a small tmpfs.

  Signed-off-by: Pekka Paalanen <pekka.paalanen@collabora.co.uk>
* cursor: use os_create_anonymous_file() | Pekka Paalanen | 2012-07-10 | 1 | -0/+128
  Copy the implementation of os_create_anonymous_file() here from weston,
  so we can use it instead of hardcoding a path to /tmp.

  Signed-off-by: Pekka Paalanen <ppaalanen@gmail.com>