Instead of passing --shell=foo-shell.so, just pass --shell=foo, whilst
accepting the old form for compatibility.
Whilst we're at it, document the --shell argument in the manpage and
README.
Signed-off-by: Daniel Stone <daniels@collabora.com>
These shell utils functions are potentially useful to other shells as
well, so make them widely available.
Renamed all functions to weston_shell_utils namespace.
No functional change, copied ad litteram.
Signed-off-by: Marius Vlad <marius.vlad@collabora.com>
Use parse_simple_mode() to allow configuring the VNC framebuffer size
with a mode property in weston.ini, like this:
[output]
name=vnc
mode=1280x720
Signed-off-by: Philipp Zabel <philipp.zabel@gmail.com>
To make it reusable, extract parse_simple_mode() from
wet_configure_windowed_output_from_config().
Signed-off-by: Philipp Zabel <p.zabel@pengutronix.de>
While the --backend parameter looks like it takes a file name, it really
is selected from a list of supported strings that are then funneled
through a translation to enum weston_compositor_backend [1].
Because all backend parameters are of the form "...-backend.so", and
writing "--backend=...-backend.so" is boring, allow the --backend option
to match the backend name without "-backend.so" suffix instead.
For example, this allows to use "--backend=headless" instead of
"--backend=headless-backend.so".
Update help text and documentation. Keep the old way working for
backwards compatibility.
[1] 50dbf38514 ("libweston: use enum to choose the backend")
Signed-off-by: Philipp Zabel <philipp.zabel@gmail.com>
There are no internal users left for this protocol, they have been
migrated to the new weston-output-capture protocol. There are no
external users, because this protocol was private and never installed.
Remove this dead code.
Signed-off-by: Pekka Paalanen <pekka.paalanen@collabora.com>
This is necessary in order to convert clients/screenshot.c into the
protocol.
We authorize a client the same way as before: if the wl_client is the
one we spawned, it's allowed.
Allowing screenshots on --debug was authorized by an earlier patch in
compositor/main.c.
Signed-off-by: Pekka Paalanen <pekka.paalanen@collabora.com>
Replicating the policy of the old screenshooting interface, allow all
screenshot to anyone with the new interface as well when --debug is
used.
Looks like there was one stray trailing space in unrelated code that my
editor deleted. Better this way.
Signed-off-by: Pekka Paalanen <pekka.paalanen@collabora.com>
Some monitors expose a selector for the kind of content that will get
displayed, allowing them to optimise their settings for this particular
content type.
I got access to such a monitor, sadly even setting it to game mode
didn’t lower its atrocious latency, but drm_info[1] reports it to be set
correctly so hopefully it’ll work better with other monitors.
[1] https://github.com/ascent12/drm_info
Signed-off-by: Emmanuel Gil Peyrot <linkmauve@linkmauve.fr>
This lets us say what we really mean instead of passing a NULL output
and garbage co-ordinates.
This will help later when manufacturing garbage coordinates becomes much
harder to do.
The clear_pointer_focus() path continues to do nothing, and is just a FIXME
macro, as it has been for a very long time...
Signed-off-by: Derek Foreman <derek.foreman@collabora.com>
This adds basic VNC protocol support using the Neat VNC library
(https://github.com/any1/neatvnc). Neat VNC depends on the AML main
loop library. The backend makes use of AML's integrated epoll backend
and connects AML via file descriptor with the Wayland event loop.
This implementation does not support authentication and hardcodes the
pixel format currently.
Co-authored-by: Philipp Zabel <p.zabel@pengutronix.de>
Co-authored-by: Rouven Czerwinski <r.czerwinski@pengutronix.de>
Signed-off-by: Stefan Agner <stefan@agner.ch>
[r.czerwinski@pengutronix.de:
- use new (as of 0.5.0) Neat VNC buffer API, with a buffer pool]
Signed-off-by: Rouven Czerwinski <r.czerwinski@pengutronix.de>
[p.zabel@pengutronix.de:
- transform repaint damage to output coordinates
- transform pointer coordinates into global space
- check that outputs and heads are in fact ours, see aab722bb1785..060ef82d9360
- track damage across multiple frame buffers
- choose pixel format by drm_fourcc, see 8b6c3fe0ad
- enable ctrl and alt modifiers
- fix frame timing to achieve a constant repaint rate
- pass initial size explicitly, see f4559b0760
- use resize_output with pixman-renderer, see 55d08f9634e8..84b5d0eb4bee
- allow configuring the refresh rate]
Signed-off-by: Philipp Zabel <p.zabel@pengutronix.de>
This is all a little confusing, so let's split up the variables and throw
around some comments that better explain what's going on.
Signed-off-by: Derek Foreman <derek.foreman@collabora.com>
Our shared buffer isn't actually in output co-ordinates, so
initializing with the output's width/height isn't correct.
While we're here, remove the misleading comment. In a future
patch I'll try to document this code more accurately.
Signed-off-by: Derek Foreman <derek.foreman@collabora.com>
The region has already been intersected with the output's region before
it was passed to us.
Signed-off-by: Derek Foreman <derek.foreman@collabora.com>
Except the module dir path, they're one and the same. This change
warrants a libweston version bump, if it hasn't been done already.
Signed-off-by: Marius Vlad <marius.vlad@collabora.com>
Replace all uses of weston_transform_region with
weston_matrix_transform_region, then remove the function completely.
Signed-off-by: Derek Foreman <derek.foreman@collabora.com>
Fixes the following warnings when building with _FORTIFY_SOURCE
and optimizations enabled:
../shared/xalloc.h:49:9: error: ignoring return value of ‘write’ declared with attribute ‘warn_unused_result’ [-Werror=unused-result]
49 | write(STDERR_FILENO, oommsg, strlen(oommsg));
| ^~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
or
../compositor/main.c:427:25: error: ignoring return value of ‘write’ declared with attribute ‘warn_unused_result’ [-Werror=unused-result]
427 | write(STDERR_FILENO, fail_seteuid,
| ^~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
428 | strlen(fail_seteuid));
| ~~~~~~~~~~~~~~~~~~~~~
../compositor/main.c:434:25: error: ignoring return value of ‘write’ declared with attribute ‘warn_unused_result’ [-Werror=unused-result]
434 | write(STDERR_FILENO, fail_cloexec,
| ^~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
435 | strlen(fail_cloexec));
| ~~~~~~~~~~~~~~~~~~~~~
../compositor/main.c:442:25: error: ignoring return value of ‘write’ declared with attribute ‘warn_unused_result’ [-Werror=unused-result]
442 | write(STDERR_FILENO, fail_exec, strlen(fail_exec));
| ^~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Signed-off-by: Marius Vlad <marius.vlad@collabora.com>
As things are, even when mode=current is specified on the .ini file,
a full modeset is needed (and done), which causes a very noticeable
screen blinking. That is because setting the max_bpc on a connector
needs full modesetting.
The idea here is that if mode=current on the .ini, no modesetting
should be done, so the current max_bpc is programmed into the
connector.
But if a custom max-bpc=... is specified, that will be used instead,
even if mode=current on the .ini
Fixes: https://gitlab.freedesktop.org/wayland/weston/-/issues/660
Signed-off-by: vanfanel <redwindwanderer@gmail.com>
The supplied path for executing the shell client could contain potential
arguments and not only the binary itself. Specifying the platform either
by using an argument (-platform wayland) or using an environmental
variable (QT_QPA_PLATFORM) with clients written in Qt is for instance
an example on why this might be useful to have in.
Signed-off-by: Marius Vlad <marius.vlad@collabora.com>
When the gl-renderer is not enabled, weston fails to start, as it
doesn't automatically fallback to the pixman renderer, which is
always enabled.
This commit changes the drm-backend to set by default the --use-pixman
option to true when the gl-renderer is disabled (BUILD_DRM_GBM is not
defined).
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
This is pretty counter-intuitive, and should probably happen outside of
the core in the front end while configuring the outputs.
Signed-off-by: Derek Foreman <derek.foreman@collabora.com>
Everywhere we are standardising to drm_fourcc.h pixel format codes, and
using struct pixel_format_info as a general handle that allows us to
access the equivalent format in various APIs. In the name of
standardisation, convert weston_compositor::read_format to
pixel_format_info.
Pixman formats are defined CPU-endian, while DRM formats are defined
always little-endian. OpenGL has various definitions. Correctly mapping
between these when the CPU is big-endian is an extra chore we can
hopefully offload to pixel-formats.c.
GL-renderer read_format is still defined based on Pixman format, because
of the pecualiar way OpenGL defines a pixel format with
GL_UNSIGNED_BYTE. That matches the same Pixman format on big-endian but
not the same drm_fourcc.
Signed-off-by: Pekka Paalanen <pekka.paalanen@collabora.com>
This was using read_format for the read_pixels() call, and then using a
hardcoded format for interpreting the data received from read_pixels().
That works only by accident, read_format being the same as the hardcoded
format.
Use read_format for the interpreting too. This should guarantee the read
pixels are processed correctly.
Found by code inspection.
Signed-off-by: Pekka Paalanen <pekka.paalanen@collabora.com>
The text_input_manager might be destroyed upon a compositor shutdown, so
verify if it's still set-up before attemping to use it to avoid a UAF.
Signed-off-by: Marius Vlad <marius.vlad@collabora.com>
This is so the systemd-notify module, if used, will notify readiness after
we're ready to accept X connections, instead of before.
Signed-off-by: Derek Foreman <derek.foreman@collabora.com>
This is awkward and long deprecated, and makes us load xwayland after all
the other modules so we know if we have to load it or not. Let's remove it.
We do still need to prevent loading the module the wrong way, though.
Signed-off-by: Derek Foreman <derek.foreman@collabora.com>
If we leave xwayland in weston's process group, it can receive
signals from the controlling TTY intended for weston.
The easiest way to see this is to launch weston under gdb, start an
X client, and hit ctrl-c in the gdb session. The Xwayland server
will also catch the SIGINT, and the X client will be disconnected.
Instead, let's call setsid() when launching Xwayland, like we do
for launched clients.
Suggested-by: Hideyuki Nagase <hideyukn@microsoft.com>
Signed-off-by: Derek Foreman <derek.foreman@collabora.com>
[common equivalent of 77cf8cb006 in Xwayland from Pekka Paalanen; its
commit message follows]
Between fork() and exec() in the child process it is only safe to use
async-signal-safe functions. weston_log() definitely is not one, it
allocates memory and does whatnot.
weston_log() is also inappropriate for other reasons: the child process
has its own stream buffers and flight-recorder. No-one looks into the
child process' flight recorder, so messages would be lost there. The
logging machinery might also attempt to write into debug streams,
meaning both parent and child could be writing simultaneously.
It seems that the best we can do is to pre-bake an error message and
only write() it out if exec() fails. There is no mention that even
strerror_r() might be safe to call, so we don't.
Signed-off-by: Daniel Stone <daniels@collabora.com>
Use the custom_env framework we added for Xwayland when forking to
execute clients. This avoids calling the unsafe getenv in between fork
and exec.
Signed-off-by: Daniel Stone <daniels@collabora.com>
It was only a small function, and inlining it will allow us to make it
more safe without having to duplicate a ton of stuff.
Signed-off-by: Daniel Stone <daniels@collabora.com>
This doesn't actually stop us from calling setenv() in between fork()
and exec() when starting clients, but gets us closer to Xwayland's safe
implementation by reusing one of the helpers it added.
Signed-off-by: Daniel Stone <daniels@collabora.com>
Use the arg handling added in the previous commit so that the
environment is completely encapsulated inside the custom env.
Signed-off-by: Daniel Stone <daniels@collabora.com>
Rename the bits handling environment variables (currently, all of it),
so we have room to handle args as well.
No functional changes.
Signed-off-by: Daniel Stone <daniels@collabora.com>
Between fork() and exec() in the child process it is only safe to use
async-signal-safe functions. Painfully, setenv() is not listed as such.
Therefore we must craft our own custom environment, and we get no help
from libc with that.
Signed-off-by: Pekka Paalanen <pekka.paalanen@collabora.com>
Constructing argv before-hand is a little easier to look at, but this is
mostly just anticipating more changes to how Weston spawns processes in
general.
Signed-off-by: Pekka Paalanen <pekka.paalanen@collabora.com>
We are already using pipe2() in many places, even in libweston, so let's
simplify the code here as well - not to mention avoid a theoretical
race.
Signed-off-by: Pekka Paalanen <pekka.paalanen@collabora.com>
Between fork() and exec() in the child process it is only safe to use
async-signal-safe functions. Surprisingly, snprintf() is not such
function. See e.g. https://stackoverflow.com/a/6771799 and how snprintf
is not listed in signal-safety(7) manual.
Therefore we must prepare the fd argument strings before fork(). That is
only possible if we also do not dup() fd in the child process. Hence we
remove the close-on-exec flag instead in the child process which has
copies of the parent's file descriptors. Fortunately fcntl() is safe.
struct fdstr is helping to reduce code clutter a bit.
Additionally, if fork() fails, we now clean up the fds we created.
Signed-off-by: Pekka Paalanen <pekka.paalanen@collabora.com>
Between fork() and exec() in the child process it is only safe to use
async-signal-safe functions. weston_log() definitely is not one, it
allocates memory and does whatnot.
weston_log() is also inappropriate for other reasons: the child process
has its own stream buffers and flight-recorder. No-one looks into the
child process' flight recorder, so messages would be lost there. The
logging machinery might also attempt to write into debug streams,
meaning both parent and child could be writing simultaneously.
It seems that the best we can do is to pre-bake an error message and
only write() it out if exec() fails. There is no mention that even
strerror_r() might be safe to call, so we don't.
Signed-off-by: Pekka Paalanen <pekka.paalanen@collabora.com>
Doing any kind of memory allocation calls between fork() and exec() in
the child process is prone to deadlocks and explosions. In general, only
async-signal-safe functions are safe there.
Move the config access to the parent process before fork() to avoid
problems.
See also:
https://gitlab.freedesktop.org/wayland/weston/-/merge_requests/941#note_1457053
Signed-off-by: Pekka Paalanen <pekka.paalanen@collabora.com>
This reverts commit 4aa885d4af.
Turns out the problem was not about dupping fds at all, but calling
non-async-signal-safe functions like strdup() between fork() and exec()
in the child process.
For more discussion, see:
https://gitlab.freedesktop.org/wayland/weston/-/merge_requests/941#note_1457053
Signed-off-by: Pekka Paalanen <pekka.paalanen@collabora.com>
Daniel Stone