It's better to use DT_RPATH dynamic section of the elf binary to store
the paths of libraries to load instead of overwriting LD_LIBRARY_PATH
for the whole environment, causing surprises. This solution is much more
transparent and perfectly suitable for running contained installations
of wayland/wlroots/sway.
The code unsetting the LD_LIBRARY_PATH/LD_PRELOAD was also deleted as
it's a placebo security at best - we should trust the execution path
that leads us to running sway, and it's way too late to care about those
variables since we already started executing our compositor, thus we
would be compromised anyway.
This adds a `con` argument to `execute_command` which allows you to
specify the container to execute the command on. In most cases it leaves
it as `NULL` which makes it use the focused node. We only set it when
executing `for_window` criteria such as when a view maps. This means we
don't send unnecessary IPC focus events, and fixes a crash when the
criteria command is `move scratchpad` (because we can't give focus to a
hidden scratchpad container).
Each of the shell map handlers now check to see if the view has a
workspace. It won't have a workspace if criteria has moved it to the
scratchpad.
This commit changes the meaning of sway_container so that it only refers
to layout containers and view containers. Workspaces, outputs and the
root are no longer known as containers. Instead, root, outputs,
workspaces and containers are all a type of node, and containers come in
two types: layout containers and view containers.
In addition to the above, this implements type safe variables. This
means we use specific types such as sway_output and sway_workspace
instead of generic containers or nodes. However, it's worth noting that
in a few places places (eg. seat focus and transactions) referring to
them in a generic way is unavoidable which is why we still use nodes in
some places.
If you want a TL;DR, look at node.h, as well as the struct definitions
for root, output, workspace and container. Note that sway_output now
contains a workspaces list, and workspaces now contain a tiling and
floating list, and containers now contain a pointer back to the
workspace.
There are now functions for seat_get_focused_workspace and
seat_get_focused_container. The latter will return NULL if a workspace
itself is focused. Most other seat functions like seat_get_focus and
seat_set_focus now accept and return nodes.
In the config->handler_context struct, current_container has been
replaced with three pointers: node, container and workspace. node is the
same as what current_container was, while workspace is the workspace
that the node resides on and container is the actual container, which
may be NULL if a workspace itself is focused.
The global root_container variable has been replaced with one simply
called root, which is a pointer to the sway_root instance.
The way outputs are created, enabled, disabled and destroyed has
changed. Previously we'd wrap the sway_output in a container when it is
enabled, but as we don't have containers any more it needs a different
approach. The output_create and output_destroy functions previously
created/destroyed the container, but now they create/destroy the
sway_output. There is a new function output_disable to disable an output
without destroying it.
Containers have a new view property. If this is populated then the
container is a view container, otherwise it's a layout container. Like
before, this property is immutable for the life of the container.
Containers have both a `sway_container *parent` and
`sway_workspace *workspace`. As we use specific types now, parent cannot
point to a workspace so it'll be NULL for containers which are direct
children of the workspace. The workspace property is set for all
containers, except those which are hidden in the scratchpad as they have
no workspace.
In some cases we need to refer to workspaces in a container-like way.
For example, workspaces have layout and children, but when using
specific types this makes it difficult. Likewise, it's difficult for a
container to get its parent's layout when the parent could be another
container or a workspace. To make it easier, some helper functions have
been created: container_parent_layout and container_get_siblings.
container_remove_child has been renamed to container_detach and
container_replace_child has been renamed to container_replace.
`container_handle_fullscreen_reparent(con, old_parent)` has had the
old_parent removed. We now unfullscreen the workspace when detaching the
container, so this function is simplified and only needs one argument
now.
container_notify_subtree_changed has been renamed to
container_update_representation. This is more descriptive of its
purpose. I also wanted to be able to call it with whatever container was
changed rather than the container's parent, which makes bubbling up to
the workspace easier.
There are now state structs per node thing. ie. sway_output_state,
sway_workspace_state and sway_container_state.
The focus, move and layout commands have been completely refactored to
work with the specific types. I considered making these a separate PR,
but I'd be backporting my changes only to replace them again, and it's
easier just to test everything at once.
When we have type safety we'll need to have functions for
workspace_add_tiling and so on. This means the existing container
functions will be just for containers, so they are being moved to
container.c. At this point layout.c doesn't contain much else, so I've
relocated everything and removed the file.
* container_swap and its static functions have been moved to the swap
command and made static.
* container_recursive_resize has been moved to the resize command and
made static.
* The following have been moved to container.c:
* container_handle_fullscreen_reparent
* container_insert_child
* container_add_sibling
* container_add_child
* container_remove_child
* container_replace_child
* container_split
* enum movement_direction and sway_dir_to_wlr have been moved to util.c.
Side note: Several commands included layout.h which then included
root.h. With layout.h gone, root.h has to be included by those commands.
This makes all debug options stored in a single struct rather than in
various places, changes/fixes the behaviour of existing options, and
introduces some new options.
* Fixes damage issues with `-Drender-tree` texture (by removing scissor)
* Offsets the render tree overlay's `y` position for those who have
swaybar at the top
* Replaces `-Ddamage=rerender` with `-Dnodamage`
* Replaces `-Ddamage=highlight` with `-Dhighlight-damage`
* Replaces `-Dtxn-debug` with `-Dtxn-wait`
* Introduces `-Dnoatomic`
* Removes the `create_time` and `ms_arranging` figures from transactions
and the log message. Transactions are created after arranging and the
create time is of no significance.
* Fixes `-Dtxn-debug` (now `-Dtxn-wait`) not working.
This creates a root.c and moves bits and pieces from elsewhere into it.
* layout_init has been renamed to root_create and moved into root.c
* root_destroy has been created and is called on shutdown
* scratchpad code has been moved into root.c, because hidden scratchpad
containers are stored in the root struct
Rather than maintain copies of the entire focus stack, this PR
transactionises the focus by introducing two new properties to the
container state and using those when rendering.
* `bool focused` means this container has actual focus. Only one
container should have this equalling true in its current state.
* `struct sway_container *focus_inactive_child` points to the immediate
child that was most recently focused (eg. for tabbed and stacked
containers).
We currently have several ways of setting debug flags, including command
line arguments, environment variables, and compile-time macros. This
replaces the lot with command line flags.
wl_event_source_remove() is illegal after display has been destroyed,
so just destroy everything when we still can.
==20392==ERROR: AddressSanitizer: heap-use-after-free on address 0x607000001240 at pc 0x00000048e86e bp 0x7ffe4b557e00 sp 0x7ffe4b557df0
READ of size 8 at 0x607000001240 thread T0
#0 0x48e86d in wl_list_insert ../common/list.c:149
#1 0x7fdf673d4d7d in wl_event_source_remove src/event-loop.c:487
#2 0x41b742 in ipc_terminate ../sway/ipc-server.c:94
#3 0x40b1ad in main ../sway/main.c:440
#4 0x7fdf6664c18a in __libc_start_main ../csu/libc-start.c:308
#5 0x409359 in _start (/opt/wayland/bin/sway+0x409359)
0x607000001240 is located 48 bytes inside of 72-byte region [0x607000001210,0x607000001258)
freed by thread T0 here:
#0 0x7fdf692c4880 in __interceptor_free (/lib64/libasan.so.5+0xee880)
#1 0x7fdf673d371a in wl_display_destroy src/wayland-server.c:1097
previously allocated by thread T0 here:
#0 0x7fdf692c4c48 in malloc (/lib64/libasan.so.5+0xeec48)
#1 0x7fdf673d4d9e in wl_event_loop_create src/event-loop.c:522
#2 0x40acb2 in main ../sway/main.c:363
#3 0x7fdf6664c18a in __libc_start_main ../csu/libc-start.c:308
We would previously run all config commands without the environment,
which would appear to work as our socket name is the default one, but
wayland clients would start up in the wrong sway session.
(This explains why 'sometimes' my swayidle processes wouldn't die with
sway, as they weren't listening to the correct socket)
Some operations during backend creation (e.g. becoming DRM master)
require CAP_SYS_ADMIN privileges. At this point, sway has dropped them
already, though. This patch splits the privileged part of server_init
into its own function and calls it before dropping its privileges.
This fixes the bug with minimal security implications.
Increase _POSIX_SOURCE value where needed.
Increase _XOPEN_SOURCE value where needed.
Conditionally link to libcap (only on Linux).
Possibly some trailing whitespace fixes (automatic).
- Moved ``<sys/capability.h>`` include inside `__linux__` guard,
because all uses are similarly guarded.
- <sys/capability.h> is part of an optional devel package, at least
in fedora. CMake now explicitly checks that libcap devel files
are available.
- Added libcap to the list of install packages in .travis.yml, to
make the dependency explicit. travis-ci installs the package by
default, which is why this hasn't surfaced previously.
- Make sure CMake always finds absolute paths for Cairo, Pango and GdkPixbuf
- Add forgotten json-c include path to swaymsg/CMakeLists.txt
- Disable -Werror because of assert warnings
- Add correct /proc/pid/file path for FreeBSD
- Use libepoll-shim on FreeBSD
- Only use Linux capabilities on, well, Linux
LD_PRELOAD enables keyloggers to easily be made. This solution isn't
perfect - really a secure system wouldn't have LD_PRELOAD at all. It was
a stupid idea in the first place.
This is necessary because commands in the config file (mode for
instance) emit ipc events, and if ipc_init has not been called the
ipc_clients_list is not initialized, and we segfault. This fixes that
bug.
The include command (`include <path>`) makes it possible to include sub
config files from the main config file (or from within other sub config
files).
The include command uses the following rules for including config files:
* the `path` can be either a full path or a path that is relative to the
parent config. Shell expansion is supported, so it's possible to do
`include ~/.config/sway.d/*`.
* The same config file can only be included once (to prevent include
cycles). If a config is included multiple times it will just be
ignored after it has been included once.
* Including a sub config file is the same as inserting the content of
that file into the parent config, thus rules about overwriting
bindsyms etc. works the same as for a single config.
Implement #542
Calling `exit` in sway_terminate prevents sway from correctly shutting
down (freeing data, cleanly terminating the ipc server, etc.).
A better way is to exit straight away if the failure occurs before
`wlc_run` and use sway_abort as usual if it occur when wlc is running.
Sway used to attempt sending an IPC command composed of every argument
after the first non-option argument encountered.
Now, raises an error if an option is encountered before the intended command.
Some options such as -h or -v take effect when parsing, so they still
apply.
The get-socketpath long option had an undocumented short alternative
as `p`. It has been removed.
However, the code in the options array is still the 'p' char.