mirror of
https://gitlab.freedesktop.org/xorg/xserver.git
synced 2025-12-20 12:50:04 +01:00
d4944ceda1
Due to a switched order of parameters in the xorg_list_add() call inside ProcRRCreateLease(), adding a new lease for RandR output leasing does not actually add the new RRLeasePtr lease record to the list of existing leases for a X-Screen, but instead replaces the existing list with a new list that has the new lease as the only element, and probably leaks a bit of memory. Therefore the server "forgets" all active leases for a screen, except for the last added lease. If multiple leases are created in a session, then destruction of all leases but the last one will fail in many cases, e.g., during server shutdown in RRCloseScreen(), or resource destruction, e.g., in RRCrtcDestroyResource(). Most importantly, it fails if a client simply close(fd)'es the DRM master descriptor to release a lease, quits, gets killed or crashes. In this case the kernel will destroy the lease and shut down the display output, then send a lease event via udev to the ddx, which e.g., in the modesetting-ddx will trigger a call to drmmode_validate_leases(). That function is supposed to detect the released lease and tell the server to terminate the lease on the server side as well, via xf86CrtcLeaseTerminated(), but this doesn't happen for all the leases the server has forgotten. The end result is a dead video output, as the server won't reinitialize the crtc's corresponding to the terminated but forgotten lease. This bug was observed when using the amdvlk AMD OSS Vulkan driver and trying to lease multiple VKDisplay's, and also under Mesa radv, as both Mesa Vulkan/WSI/Display and amdvlk terminate leases by simply close()ing the lease fd, not by sending explicit RandR protocol requests to free leases. Leasing worked, but ending a session with multiple active leases ended in a lot of unpleasant darkness. Fixing the wrong argument order to xorg_list_add() fixes the problem. Tested on single-X-Screen and dual-X-Screen setups, with one, two or three active leases. Please merge this for the upcoming server 21.1 branch. Merging into server 1.20 would also make a lot of sense. Fixes:e4e3447603Signed-off-by: Mario Kleiner <mario.kleiner.de@gmail.com> Cc: Keith Packard <keithp@keithp.com> (cherry picked from commitf467f85ca1)
351 lines
8.9 KiB
C
351 lines
8.9 KiB
C
/*
|
|
* Copyright © 2017 Keith Packard
|
|
*
|
|
* Permission to use, copy, modify, distribute, and sell this software and its
|
|
* documentation for any purpose is hereby granted without fee, provided that
|
|
* the above copyright notice appear in all copies and that both that copyright
|
|
* notice and this permission notice appear in supporting documentation, and
|
|
* that the name of the copyright holders not be used in advertising or
|
|
* publicity pertaining to distribution of the software without specific,
|
|
* written prior permission. The copyright holders make no representations
|
|
* about the suitability of this software for any purpose. It is provided "as
|
|
* is" without express or implied warranty.
|
|
*
|
|
* THE COPYRIGHT HOLDERS DISCLAIM ALL WARRANTIES WITH REGARD TO THIS SOFTWARE,
|
|
* INCLUDING ALL IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS, IN NO
|
|
* EVENT SHALL THE COPYRIGHT HOLDERS BE LIABLE FOR ANY SPECIAL, INDIRECT OR
|
|
* CONSEQUENTIAL DAMAGES OR ANY DAMAGES WHATSOEVER RESULTING FROM LOSS OF USE,
|
|
* DATA OR PROFITS, WHETHER IN AN ACTION OF CONTRACT, NEGLIGENCE OR OTHER
|
|
* TORTIOUS ACTION, ARISING OUT OF OR IN CONNECTION WITH THE USE OR PERFORMANCE
|
|
* OF THIS SOFTWARE.
|
|
*/
|
|
|
|
#include "randrstr.h"
|
|
#include "swaprep.h"
|
|
#include <unistd.h>
|
|
|
|
RESTYPE RRLeaseType;
|
|
|
|
/*
|
|
* Notify of some lease change
|
|
*/
|
|
void
|
|
RRDeliverLeaseEvent(ClientPtr client, WindowPtr window)
|
|
{
|
|
ScreenPtr screen = window->drawable.pScreen;
|
|
rrScrPrivPtr scr_priv = rrGetScrPriv(screen);
|
|
RRLeasePtr lease;
|
|
|
|
UpdateCurrentTimeIf();
|
|
xorg_list_for_each_entry(lease, &scr_priv->leases, list) {
|
|
if (lease->id != None && (lease->state == RRLeaseCreating ||
|
|
lease->state == RRLeaseTerminating))
|
|
{
|
|
xRRLeaseNotifyEvent le = (xRRLeaseNotifyEvent) {
|
|
.type = RRNotify + RREventBase,
|
|
.subCode = RRNotify_Lease,
|
|
.timestamp = currentTime.milliseconds,
|
|
.window = window->drawable.id,
|
|
.lease = lease->id,
|
|
.created = lease->state == RRLeaseCreating,
|
|
};
|
|
WriteEventsToClient(client, 1, (xEvent *) &le);
|
|
}
|
|
}
|
|
}
|
|
|
|
/*
|
|
* Change the state of a lease and let anyone watching leases know
|
|
*/
|
|
static void
|
|
RRLeaseChangeState(RRLeasePtr lease, RRLeaseState old, RRLeaseState new)
|
|
{
|
|
ScreenPtr screen = lease->screen;
|
|
rrScrPrivPtr scr_priv = rrGetScrPriv(screen);
|
|
|
|
lease->state = old;
|
|
scr_priv->leasesChanged = TRUE;
|
|
RRSetChanged(lease->screen);
|
|
RRTellChanged(lease->screen);
|
|
scr_priv->leasesChanged = FALSE;
|
|
lease->state = new;
|
|
}
|
|
|
|
/*
|
|
* Allocate and initialize a lease
|
|
*/
|
|
static RRLeasePtr
|
|
RRLeaseAlloc(ScreenPtr screen, RRLease lid, int numCrtcs, int numOutputs)
|
|
{
|
|
RRLeasePtr lease;
|
|
lease = calloc(1,
|
|
sizeof(RRLeaseRec) +
|
|
numCrtcs * sizeof (RRCrtcPtr) +
|
|
numOutputs * sizeof(RROutputPtr));
|
|
if (!lease)
|
|
return NULL;
|
|
lease->screen = screen;
|
|
xorg_list_init(&lease->list);
|
|
lease->id = lid;
|
|
lease->state = RRLeaseCreating;
|
|
lease->numCrtcs = numCrtcs;
|
|
lease->numOutputs = numOutputs;
|
|
lease->crtcs = (RRCrtcPtr *) (lease + 1);
|
|
lease->outputs = (RROutputPtr *) (lease->crtcs + numCrtcs);
|
|
return lease;
|
|
}
|
|
|
|
/*
|
|
* Check if a crtc is leased
|
|
*/
|
|
Bool
|
|
RRCrtcIsLeased(RRCrtcPtr crtc)
|
|
{
|
|
ScreenPtr screen = crtc->pScreen;
|
|
rrScrPrivPtr scr_priv = rrGetScrPriv(screen);
|
|
RRLeasePtr lease;
|
|
int c;
|
|
|
|
xorg_list_for_each_entry(lease, &scr_priv->leases, list) {
|
|
for (c = 0; c < lease->numCrtcs; c++)
|
|
if (lease->crtcs[c] == crtc)
|
|
return TRUE;
|
|
}
|
|
return FALSE;
|
|
}
|
|
|
|
/*
|
|
* Check if an output is leased
|
|
*/
|
|
Bool
|
|
RROutputIsLeased(RROutputPtr output)
|
|
{
|
|
ScreenPtr screen = output->pScreen;
|
|
rrScrPrivPtr scr_priv = rrGetScrPriv(screen);
|
|
RRLeasePtr lease;
|
|
int o;
|
|
|
|
xorg_list_for_each_entry(lease, &scr_priv->leases, list) {
|
|
for (o = 0; o < lease->numOutputs; o++)
|
|
if (lease->outputs[o] == output)
|
|
return TRUE;
|
|
}
|
|
return FALSE;
|
|
}
|
|
|
|
/*
|
|
* A lease has been terminated.
|
|
* The driver is responsible for noticing and
|
|
* calling this function when that happens
|
|
*/
|
|
|
|
void
|
|
RRLeaseTerminated(RRLeasePtr lease)
|
|
{
|
|
/* Notify clients with events, but only if this isn't during lease creation */
|
|
if (lease->state == RRLeaseRunning)
|
|
RRLeaseChangeState(lease, RRLeaseTerminating, RRLeaseTerminating);
|
|
|
|
if (lease->id != None)
|
|
FreeResource(lease->id, RT_NONE);
|
|
|
|
xorg_list_del(&lease->list);
|
|
}
|
|
|
|
/*
|
|
* A lease is completely shut down and is
|
|
* ready to be deallocated
|
|
*/
|
|
|
|
void
|
|
RRLeaseFree(RRLeasePtr lease)
|
|
{
|
|
free(lease);
|
|
}
|
|
|
|
/*
|
|
* Ask the driver to terminate a lease. The
|
|
* driver will call RRLeaseTerminated when that has
|
|
* finished, which may be some time after this function returns
|
|
* if the driver operation is asynchronous
|
|
*/
|
|
void
|
|
RRTerminateLease(RRLeasePtr lease)
|
|
{
|
|
ScreenPtr screen = lease->screen;
|
|
rrScrPrivPtr scr_priv = rrGetScrPriv(screen);
|
|
|
|
scr_priv->rrTerminateLease(screen, lease);
|
|
}
|
|
|
|
/*
|
|
* Destroy a lease resource ID. All this
|
|
* does is note that the lease no longer has an ID, and
|
|
* so doesn't appear over the protocol anymore.
|
|
*/
|
|
static int
|
|
RRLeaseDestroyResource(void *value, XID pid)
|
|
{
|
|
RRLeasePtr lease = value;
|
|
|
|
lease->id = None;
|
|
return 1;
|
|
}
|
|
|
|
/*
|
|
* Create the lease resource type during server initialization
|
|
*/
|
|
Bool
|
|
RRLeaseInit(void)
|
|
{
|
|
RRLeaseType = CreateNewResourceType(RRLeaseDestroyResource, "LEASE");
|
|
if (!RRLeaseType)
|
|
return FALSE;
|
|
return TRUE;
|
|
}
|
|
|
|
int
|
|
ProcRRCreateLease(ClientPtr client)
|
|
{
|
|
REQUEST(xRRCreateLeaseReq);
|
|
xRRCreateLeaseReply rep;
|
|
WindowPtr window;
|
|
ScreenPtr screen;
|
|
rrScrPrivPtr scr_priv;
|
|
RRLeasePtr lease;
|
|
RRCrtc *crtcIds;
|
|
RROutput *outputIds;
|
|
int fd;
|
|
int rc;
|
|
unsigned long len;
|
|
int c, o;
|
|
|
|
REQUEST_AT_LEAST_SIZE(xRRCreateLeaseReq);
|
|
|
|
LEGAL_NEW_RESOURCE(stuff->lid, client);
|
|
|
|
rc = dixLookupWindow(&window, stuff->window, client, DixGetAttrAccess);
|
|
if (rc != Success)
|
|
return rc;
|
|
|
|
len = client->req_len - bytes_to_int32(sizeof(xRRCreateLeaseReq));
|
|
|
|
if (len != stuff->nCrtcs + stuff->nOutputs)
|
|
return BadLength;
|
|
|
|
screen = window->drawable.pScreen;
|
|
scr_priv = rrGetScrPriv(screen);
|
|
|
|
if (!scr_priv)
|
|
return BadMatch;
|
|
|
|
if (!scr_priv->rrCreateLease)
|
|
return BadMatch;
|
|
|
|
/* Allocate a structure to hold all of the lease information */
|
|
|
|
lease = RRLeaseAlloc(screen, stuff->lid, stuff->nCrtcs, stuff->nOutputs);
|
|
if (!lease)
|
|
return BadAlloc;
|
|
|
|
/* Look up all of the crtcs */
|
|
crtcIds = (RRCrtc *) (stuff + 1);
|
|
for (c = 0; c < stuff->nCrtcs; c++) {
|
|
RRCrtcPtr crtc;
|
|
|
|
rc = dixLookupResourceByType((void **)&crtc, crtcIds[c],
|
|
RRCrtcType, client, DixSetAttrAccess);
|
|
|
|
if (rc != Success) {
|
|
client->errorValue = crtcIds[c];
|
|
goto bail_lease;
|
|
}
|
|
|
|
if (RRCrtcIsLeased(crtc)) {
|
|
client->errorValue = crtcIds[c];
|
|
rc = BadAccess;
|
|
goto bail_lease;
|
|
}
|
|
|
|
lease->crtcs[c] = crtc;
|
|
}
|
|
|
|
/* Look up all of the outputs */
|
|
outputIds = (RROutput *) (crtcIds + stuff->nCrtcs);
|
|
for (o = 0; o < stuff->nOutputs; o++) {
|
|
RROutputPtr output;
|
|
|
|
rc = dixLookupResourceByType((void **)&output, outputIds[o],
|
|
RROutputType, client, DixSetAttrAccess);
|
|
if (rc != Success) {
|
|
client->errorValue = outputIds[o];
|
|
goto bail_lease;
|
|
}
|
|
|
|
if (RROutputIsLeased(output)) {
|
|
client->errorValue = outputIds[o];
|
|
rc = BadAccess;
|
|
goto bail_lease;
|
|
}
|
|
|
|
lease->outputs[o] = output;
|
|
}
|
|
|
|
rc = scr_priv->rrCreateLease(screen, lease, &fd);
|
|
if (rc != Success)
|
|
goto bail_lease;
|
|
|
|
xorg_list_add(&lease->list, &scr_priv->leases);
|
|
|
|
if (!AddResource(stuff->lid, RRLeaseType, lease)) {
|
|
close(fd);
|
|
return BadAlloc;
|
|
}
|
|
|
|
if (WriteFdToClient(client, fd, TRUE) < 0) {
|
|
RRTerminateLease(lease);
|
|
close(fd);
|
|
return BadAlloc;
|
|
}
|
|
|
|
RRLeaseChangeState(lease, RRLeaseCreating, RRLeaseRunning);
|
|
|
|
rep = (xRRCreateLeaseReply) {
|
|
.type = X_Reply,
|
|
.nfd = 1,
|
|
.sequenceNumber = client->sequence,
|
|
.length = 0,
|
|
};
|
|
|
|
if (client->swapped) {
|
|
swaps(&rep.sequenceNumber);
|
|
swapl(&rep.length);
|
|
}
|
|
|
|
WriteToClient(client, sizeof (rep), &rep);
|
|
|
|
return Success;
|
|
|
|
bail_lease:
|
|
free(lease);
|
|
return rc;
|
|
}
|
|
|
|
int
|
|
ProcRRFreeLease(ClientPtr client)
|
|
{
|
|
REQUEST(xRRFreeLeaseReq);
|
|
RRLeasePtr lease;
|
|
|
|
REQUEST_SIZE_MATCH(xRRFreeLeaseReq);
|
|
|
|
VERIFY_RR_LEASE(stuff->lid, lease, DixDestroyAccess);
|
|
|
|
if (stuff->terminate)
|
|
RRTerminateLease(lease);
|
|
else
|
|
/* Get rid of the resource database entry */
|
|
FreeResource(stuff->lid, RT_NONE);
|
|
|
|
return Success;
|
|
}
|