66f3cc0b96
Fixes the following security issues: - CVE-2022-3550: A vulnerability classified as critical was found in X.org Server. Affected by this vulnerability is the function _GetCountedString of the file xkb/xkb.c. The manipulation leads to buffer overflow. It is recommended to apply a patch to fix this issue. The associated identifier of this vulnerability is VDB-211051. - CVE-2022-3551: A vulnerability, which was classified as problematic, has been found in X.org Server. Affected by this issue is the function ProcXkbGetKbdByName of the file xkb/xkb.c. The manipulation leads to memory leak. It is recommended to apply a patch to fix this issue. The identifier of this vulnerability is VDB-211052. Signed-off-by: Peter Korsgaard <peter@korsgaard.com> Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
199 lines
5.6 KiB
Makefile
199 lines
5.6 KiB
Makefile
################################################################################
|
|
#
|
|
# xserver_xorg-server
|
|
#
|
|
################################################################################
|
|
|
|
XSERVER_XORG_SERVER_VERSION = 21.1.4
|
|
XSERVER_XORG_SERVER_SOURCE = xorg-server-$(XSERVER_XORG_SERVER_VERSION).tar.xz
|
|
XSERVER_XORG_SERVER_SITE = https://xorg.freedesktop.org/archive/individual/xserver
|
|
XSERVER_XORG_SERVER_LICENSE = MIT
|
|
XSERVER_XORG_SERVER_LICENSE_FILES = COPYING
|
|
XSERVER_XORG_SERVER_SELINUX_MODULES = xdg xserver
|
|
XSERVER_XORG_SERVER_INSTALL_STAGING = YES
|
|
|
|
# 0002-xkb-proof-GetCountedString-against-request-length-at.patch
|
|
XSERVER_XORG_SERVER_IGNORE_CVES += CVE-2022-3550
|
|
|
|
# 0003-xkb-fix-some-possible-memleaks-in-XkbGetKbdByName.patch
|
|
XSERVER_XORG_SERVER_IGNORE_CVES += CVE-2022-3551
|
|
|
|
XSERVER_XORG_SERVER_DEPENDENCIES = \
|
|
xutil_util-macros \
|
|
xlib_libX11 \
|
|
xlib_libXau \
|
|
xlib_libXdmcp \
|
|
xlib_libXext \
|
|
xlib_libXfixes \
|
|
xlib_libXfont2 \
|
|
xlib_libXi \
|
|
xlib_libXrender \
|
|
xlib_libXres \
|
|
xlib_libXft \
|
|
xlib_libXcursor \
|
|
xlib_libXinerama \
|
|
xlib_libXrandr \
|
|
xlib_libXdamage \
|
|
xlib_libXxf86vm \
|
|
xlib_libxkbfile \
|
|
xlib_libxcvt \
|
|
xlib_xtrans \
|
|
xdata_xbitmaps \
|
|
xorgproto \
|
|
xkeyboard-config \
|
|
pixman \
|
|
mcookie \
|
|
host-pkgconf
|
|
|
|
# We force -O2 regardless of the optimization level chosen by the
|
|
# user, as the X.org server is known to trigger some compiler bugs at
|
|
# -Os on several architectures.
|
|
XSERVER_XORG_SERVER_CONF_OPTS = \
|
|
--disable-config-hal \
|
|
--enable-record \
|
|
--disable-xnest \
|
|
--disable-unit-tests \
|
|
--with-builder-addr=buildroot@buildroot.org \
|
|
CFLAGS="$(TARGET_CFLAGS) -I$(STAGING_DIR)/usr/include/pixman-1 -O2" \
|
|
--with-fontrootdir=/usr/share/fonts/X11/ \
|
|
--$(if $(BR2_PACKAGE_XSERVER_XORG_SERVER_XEPHYR),en,dis)able-xephyr \
|
|
--$(if $(BR2_PACKAGE_XSERVER_XORG_SERVER_XVFB),en,dis)able-xvfb
|
|
|
|
ifeq ($(BR2_PACKAGE_SYSTEMD),y)
|
|
XSERVER_XORG_SERVER_CONF_OPTS += \
|
|
--with-systemd-daemon \
|
|
--enable-systemd-logind
|
|
XSERVER_XORG_SERVER_DEPENDENCIES += \
|
|
systemd
|
|
else
|
|
XSERVER_XORG_SERVER_CONF_OPTS += \
|
|
--without-systemd-daemon \
|
|
--disable-systemd-logind
|
|
endif
|
|
|
|
ifeq ($(BR2_PACKAGE_XSERVER_XORG_SERVER_MODULAR),y)
|
|
XSERVER_XORG_SERVER_CONF_OPTS += --enable-xorg
|
|
XSERVER_XORG_SERVER_DEPENDENCIES += libpciaccess
|
|
ifeq ($(BR2_PACKAGE_LIBDRM),y)
|
|
XSERVER_XORG_SERVER_DEPENDENCIES += libdrm
|
|
XSERVER_XORG_SERVER_CONF_OPTS += --enable-libdrm
|
|
else
|
|
XSERVER_XORG_SERVER_CONF_OPTS += --disable-libdrm
|
|
endif
|
|
else
|
|
XSERVER_XORG_SERVER_CONF_OPTS += --disable-xorg
|
|
endif
|
|
|
|
ifeq ($(BR2_PACKAGE_XSERVER_XORG_SERVER_KDRIVE),y)
|
|
XSERVER_XORG_SERVER_CONF_OPTS += \
|
|
--enable-kdrive \
|
|
--disable-glx \
|
|
--disable-dri
|
|
|
|
ifeq ($(BR2_PACKAGE_XSERVER_XORG_SERVER_XEPHYR),y)
|
|
XSERVER_XORG_SERVER_DEPENDENCIES += \
|
|
xcb-util-image \
|
|
xcb-util-keysyms \
|
|
xcb-util-renderutil \
|
|
xcb-util-wm
|
|
endif
|
|
else # modular
|
|
XSERVER_XORG_SERVER_CONF_OPTS += --disable-kdrive
|
|
endif
|
|
|
|
ifeq ($(BR2_PACKAGE_HAS_LIBGL),y)
|
|
XSERVER_XORG_SERVER_CONF_OPTS += --enable-dri --enable-glx
|
|
XSERVER_XORG_SERVER_DEPENDENCIES += libgl
|
|
else
|
|
XSERVER_XORG_SERVER_CONF_OPTS += --disable-dri --disable-glx
|
|
endif
|
|
|
|
# Optional packages
|
|
ifeq ($(BR2_PACKAGE_HAS_UDEV),y)
|
|
XSERVER_XORG_SERVER_DEPENDENCIES += udev
|
|
XSERVER_XORG_SERVER_CONF_OPTS += --enable-config-udev
|
|
# udev kms support depends on libdrm and dri2
|
|
ifeq ($(BR2_PACKAGE_LIBDRM),y)
|
|
XSERVER_XORG_SERVER_CONF_OPTS += --enable-config-udev-kms
|
|
else
|
|
XSERVER_XORG_SERVER_CONF_OPTS += --disable-config-udev-kms
|
|
endif
|
|
endif
|
|
|
|
ifeq ($(BR2_PACKAGE_DBUS),y)
|
|
XSERVER_XORG_SERVER_DEPENDENCIES += dbus
|
|
XSERVER_XORG_SERVER_CONF_OPTS += --enable-config-dbus
|
|
endif
|
|
|
|
ifeq ($(BR2_PACKAGE_FREETYPE),y)
|
|
XSERVER_XORG_SERVER_DEPENDENCIES += freetype
|
|
endif
|
|
|
|
ifeq ($(BR2_PACKAGE_LIBUNWIND),y)
|
|
XSERVER_XORG_SERVER_DEPENDENCIES += libunwind
|
|
XSERVER_XORG_SERVER_CONF_OPTS += --enable-libunwind
|
|
else
|
|
XSERVER_XORG_SERVER_CONF_OPTS += --disable-libunwind
|
|
endif
|
|
|
|
ifneq ($(BR2_PACKAGE_XLIB_LIBXVMC),y)
|
|
XSERVER_XORG_SERVER_CONF_OPTS += --disable-xvmc
|
|
endif
|
|
|
|
ifeq ($(BR2_PACKAGE_XLIB_LIBXCOMPOSITE),y)
|
|
XSERVER_XORG_SERVER_DEPENDENCIES += xlib_libXcomposite
|
|
else
|
|
XSERVER_XORG_SERVER_CONF_OPTS += --disable-composite
|
|
endif
|
|
|
|
ifeq ($(BR2_PACKAGE_XSERVER_XORG_SERVER_MODULAR),y)
|
|
XSERVER_XORG_SERVER_CONF_OPTS += --enable-dri2
|
|
ifeq ($(BR2_PACKAGE_XLIB_LIBXSHMFENCE),y)
|
|
XSERVER_XORG_SERVER_DEPENDENCIES += xlib_libxshmfence
|
|
XSERVER_XORG_SERVER_CONF_OPTS += --enable-dri3
|
|
ifeq ($(BR2_PACKAGE_HAS_LIBEGL)$(BR2_PACKAGE_HAS_LIBGL)$(BR2_PACKAGE_LIBEPOXY),yyy)
|
|
XSERVER_XORG_SERVER_DEPENDENCIES += libepoxy
|
|
XSERVER_XORG_SERVER_CONF_OPTS += --enable-glamor
|
|
else
|
|
XSERVER_XORG_SERVER_CONF_OPTS += --disable-glamor
|
|
endif
|
|
else
|
|
XSERVER_XORG_SERVER_CONF_OPTS += --disable-dri3 --disable-glamor
|
|
endif
|
|
else
|
|
XSERVER_XORG_SERVER_CONF_OPTS += --disable-dri2 --disable-dri3 --disable-glamor
|
|
endif
|
|
|
|
ifeq ($(BR2_PACKAGE_XLIB_LIBXSCRNSAVER),y)
|
|
XSERVER_XORG_SERVER_DEPENDENCIES += xlib_libXScrnSaver
|
|
XSERVER_XORG_SERVER_CONF_OPTS += --enable-screensaver
|
|
else
|
|
XSERVER_XORG_SERVER_CONF_OPTS += --disable-screensaver
|
|
endif
|
|
|
|
ifeq ($(BR2_PACKAGE_OPENSSL),y)
|
|
XSERVER_XORG_SERVER_CONF_OPTS += --with-sha1=libcrypto
|
|
XSERVER_XORG_SERVER_DEPENDENCIES += openssl
|
|
else ifeq ($(BR2_PACKAGE_LIBGCRYPT),y)
|
|
XSERVER_XORG_SERVER_CONF_OPTS += --with-sha1=libgcrypt
|
|
XSERVER_XORG_SERVER_DEPENDENCIES += libgcrypt
|
|
else
|
|
XSERVER_XORG_SERVER_CONF_OPTS += --with-sha1=libsha1
|
|
XSERVER_XORG_SERVER_DEPENDENCIES += libsha1
|
|
endif
|
|
|
|
define XSERVER_XORG_SERVER_INSTALL_INIT_SYSTEMD
|
|
$(INSTALL) -D -m 0644 package/x11r7/xserver_xorg-server/xorg.service \
|
|
$(TARGET_DIR)/usr/lib/systemd/system/xorg.service
|
|
endef
|
|
|
|
# init script conflicts with S90nodm
|
|
ifneq ($(BR2_PACKAGE_NODM),y)
|
|
define XSERVER_XORG_SERVER_INSTALL_INIT_SYSV
|
|
$(INSTALL) -D -m 755 package/x11r7/xserver_xorg-server/S40xorg \
|
|
$(TARGET_DIR)/etc/init.d/S40xorg
|
|
endef
|
|
endif
|
|
|
|
$(eval $(autotools-package))
|