|

»

New configure option for mesa (autotools patch)

View: New views

6 Messages — Rating Filter: Alert me

	New configure option for mesa (autotools patch) by Bugzilla from scarabeus@gentoo.org :: Rate this Message: \| View Threaded \| Show Only this Message Hi, I am cleaning bugs open in gentoo for mesa and i found one with patch attached to it, which is applicable upstream. Patch just allows us to to disable writable relocations in gl. It is "must" for users using PaX and others. For more detailed rationale please look onto bug in our bugzilla [1] Jeremy Huddleston created the patch i attach here and it really fixes the problem. So my question is, could you consider applying this for 7.6 7.7 and trunk? Cheers Tomas [1] http://bugs.gentoo.org/show_bug.cgi?id=240956 `[mesa_configurable_textrel.patch]` --- configure.ac.orig 2008-11-17 23:19:38.000000000 +0100 +++ configure.ac 2008-11-17 23:20:17.000000000 +0100 @@ -499,6 +499,20 @@ enable_xcb=no fi + +dnl readonly text segment on x86 hardened platforms +AC_ARG_ENABLE([glx_rts], + [AS_HELP_STRING([--enable-glx-rts], + [on x86, use a readonly text segment for libGL @<:@default=disabled@:>@])], + [enable_glx_rts="$enableval"], + [enable_glx_rts=no]) +if test "x$enable_glx_rts" = xyes; then + DEFINES="$DEFINES -DGLX_X86_READONLY_TEXT" +else + enable_glx_rts=no +fi + + dnl dnl libGL configuration per driver dnl ------------------------------------------------------------------------------ Join us December 9, 2009 for the Red Hat Virtual Experience, a free event focused on virtualization and cloud computing. Attend in-depth sessions from your desk. Your couch. Anywhere. http://p.sf.net/sfu/redhat-sfdev2dev _______________________________________________ Mesa3d-dev mailing list Mesa3d-dev@... https://lists.sourceforge.net/lists/listinfo/mesa3d-dev signature.asc (205 bytes) Download Attachment
	Re: New configure option for mesa (autotools patch) by Corbin Simpson :: Rate this Message: \| View Threaded \| Show Only this Message ISTR that there's a good reason for this behavior, but I can't remember what it is. Ian, Brian? Posting from a mobile, pardon my terseness. ~ C. On Dec 1, 2009 2:16 PM, "Tomáš Chvátal" <scarabeus@...> wrote: Hi, I am cleaning bugs open in gentoo for mesa and i found one with patch attached to it, which is applicable upstream. Patch just allows us to to disable writable relocations in gl. It is "must" for users using PaX and others. For more detailed rationale please look onto bug in our bugzilla [1] Jeremy Huddleston created the patch i attach here and it really fixes the problem. So my question is, could you consider applying this for 7.6 7.7 and trunk? Cheers Tomas [1] http://bugs.gentoo.org/show_bug.cgi?id=240956 ------------------------------------------------------------------------------ Join us December 9, 2009 for the Red Hat Virtual Experience, a free event focused on virtualization and cloud computing. Attend in-depth sessions from your desk. Your couch. Anywhere. http://p.sf.net/sfu/redhat-sfdev2dev _______________________________________________ Mesa3d-dev mailing list Mesa3d-dev@... https://lists.sourceforge.net/lists/listinfo/mesa3d-dev ------------------------------------------------------------------------------ Join us December 9, 2009 for the Red Hat Virtual Experience, a free event focused on virtualization and cloud computing. Attend in-depth sessions from your desk. Your couch. Anywhere. http://p.sf.net/sfu/redhat-sfdev2dev _______________________________________________ Mesa3d-dev mailing list Mesa3d-dev@... https://lists.sourceforge.net/lists/listinfo/mesa3d-dev
	Re: New configure option for mesa (autotools patch) by Ian Romanick-4 :: Rate this Message: \| View Threaded \| Show Only this Message -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Corbin Simpson wrote: > ISTR that there's a good reason for this behavior, but I can't remember > what it is. Ian, Brian? This is used so that libGL can generate extension entry points for drivers. This primarily used when an old libGL is used with a new driver. I believe that code gen is also used in other places in several drivers. If the user isn't trusted enough for code gen, then, seriously, they shouldn't be trusted enough to DRI. There are a million ways an errant program can tank a system using DRI. >> On Dec 1, 2009 2:16 PM, "Tomáš Chvátal" <scarabeus@... >> <mailto:scarabeus@...>> wrote: >> >> Hi, >> I am cleaning bugs open in gentoo for mesa and i found one with patch >> attached >> to it, which is applicable upstream. >> >> Patch just allows us to to disable writable relocations in gl. It is >> "must" >> for users using PaX and others. For more detailed rationale please >> look onto >> bug in our bugzilla [1] >> >> Jeremy Huddleston created the patch i attach here and it really fixes the >> problem. >> >> So my question is, could you consider applying this for 7.6 7.7 and trunk? >> >> Cheers >> >> Tomas >> >> [1] http://bugs.gentoo.org/show_bug.cgi?id=240956 -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.10 (GNU/Linux) Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org/ iEYEARECAAYFAksVtV8ACgkQX1gOwKyEAw+opgCgiCc3Lm5Ex22Mb5ggck0CuWUQ DxkAniqqeF+C/YpqGn6HCsoo+Cr0hYCc =ROFp -----END PGP SIGNATURE----- ------------------------------------------------------------------------------ Join us December 9, 2009 for the Red Hat Virtual Experience, a free event focused on virtualization and cloud computing. Attend in-depth sessions from your desk. Your couch. Anywhere. http://p.sf.net/sfu/redhat-sfdev2dev _______________________________________________ Mesa3d-dev mailing list Mesa3d-dev@... https://lists.sourceforge.net/lists/listinfo/mesa3d-dev
	Re: New configure option for mesa (autotools patch) by Dan Nicholson-2 :: Rate this Message: \| View Threaded \| Show Only this Message 2009/12/1 Tomáš Chvátal <scarabeus@...>: > Hi, > I am cleaning bugs open in gentoo for mesa and i found one with patch attached > to it, which is applicable upstream. > > Patch just allows us to to disable writable relocations in gl. It is "must" > for users using PaX and others. For more detailed rationale please look onto > bug in our bugzilla [1] > > Jeremy Huddleston created the patch i attach here and it really fixes the > problem. > > So my question is, could you consider applying this for 7.6 7.7 and trunk? Yeah, that works, although I don't know what the else part is for (enable_glx_rts would already by no). Signed-off-by: Dan Nicholson <dbn.lists@...> -- Dan ------------------------------------------------------------------------------ Join us December 9, 2009 for the Red Hat Virtual Experience, a free event focused on virtualization and cloud computing. Attend in-depth sessions from your desk. Your couch. Anywhere. http://p.sf.net/sfu/redhat-sfdev2dev _______________________________________________ Mesa3d-dev mailing list Mesa3d-dev@... https://lists.sourceforge.net/lists/listinfo/mesa3d-dev
	Re: New configure option for mesa (autotools patch) by Bugzilla from scarabeus@gentoo.org :: Rate this Message: \| View Threaded \| Show Only this Message -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Dne 2.12.2009 03:33, Dan Nicholson napsal(a): > 2009/12/1 Tomáš Chvátal <scarabeus@...>: >> Hi, >> I am cleaning bugs open in gentoo for mesa and i found one with patch attached >> to it, which is applicable upstream. >> >> Patch just allows us to to disable writable relocations in gl. It is "must" >> for users using PaX and others. For more detailed rationale please look onto >> bug in our bugzilla [1] >> >> Jeremy Huddleston created the patch i attach here and it really fixes the >> problem. >> >> So my question is, could you consider applying this for 7.6 7.7 and trunk? > > Yeah, that works, although I don't know what the else part is for > (enable_glx_rts would already by no). > > Signed-off-by: Dan Nicholson <dbn.lists@...> > > -- > Dan So guys sorry for restoring this thread but is this going to happen or not? I know they should consider not using DRI at all if they want their security, but the patch will please them for now and it is just few lines in configure.ac that will default to off :] Cheers - -------- Tomáš Chvátal Gentoo Linux Developer [Clustering/Council/KDE/QA/Sci/X11] E-Mail : scarabeus@... GnuPG FP : 94A4 5CCD 85D3 DE24 FE99 F924 1C1E 9CDE 0341 4587 GnuPG ID : 03414587 -----BEGIN PGP SIGNATURE----- Version: GnuPG v2.0.16 (GNU/Linux) Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org/ iEYEARECAAYFAkxZj6wACgkQHB6c3gNBRYc1bwCgyUc8z5s59jslXn/Ul+S0Km/z fOIAn3dP5b6VLQ2/E9g1H1VEFc9dtEMF =aWWG -----END PGP SIGNATURE----- ------------------------------------------------------------------------------ The Palm PDK Hot Apps Program offers developers who use the Plug-In Development Kit to bring their C/C++ apps to Palm for a share of $1 Million in cash or HP Products. Visit us here for more details: http://p.sf.net/sfu/dev2dev-palm _______________________________________________ Mesa3d-dev mailing list Mesa3d-dev@... https://lists.sourceforge.net/lists/listinfo/mesa3d-dev
	Re: New configure option for mesa (autotools patch) by Dan Nicholson-2 :: Rate this Message: \| View Threaded \| Show Only this Message 2010/8/4 Tomáš Chvátal <scarabeus@...>: > -----BEGIN PGP SIGNED MESSAGE----- > Hash: SHA1 > > Dne 2.12.2009 03:33, Dan Nicholson napsal(a): >> 2009/12/1 Tomáš Chvátal <scarabeus@...>: >>> Hi, >>> I am cleaning bugs open in gentoo for mesa and i found one with patch attached >>> to it, which is applicable upstream. >>> >>> Patch just allows us to to disable writable relocations in gl. It is "must" >>> for users using PaX and others. For more detailed rationale please look onto >>> bug in our bugzilla [1] >>> >>> Jeremy Huddleston created the patch i attach here and it really fixes the >>> problem. >>> >>> So my question is, could you consider applying this for 7.6 7.7 and trunk? >> >> Yeah, that works, although I don't know what the else part is for >> (enable_glx_rts would already by no). >> >> Signed-off-by: Dan Nicholson <dbn.lists@...> >> >> -- >> Dan > > So guys sorry for restoring this thread but is this going to happen or not? > > I know they should consider not using DRI at all if they want their > security, but the patch will please them for now and it is just few > lines in configure.ac that will default to off :] Forgot about this. I don't have any problem with it, and the configure option only makes the already existing macro visible. If no one pipes up with any objections, I'll commit it in a couple days. -- Dan ------------------------------------------------------------------------------ The Palm PDK Hot Apps Program offers developers who use the Plug-In Development Kit to bring their C/C++ apps to Palm for a share of $1 Million in cash or HP Products. Visit us here for more details: http://p.sf.net/sfu/dev2dev-palm _______________________________________________ Mesa3d-dev mailing list Mesa3d-dev@... https://lists.sourceforge.net/lists/listinfo/mesa3d-dev