We will just ignore the memblock if this happens. We already have
a check for this in the client library, so this one is just for
security reasons.
Signed-off-by: David Henningsson <david.henningsson@canonical.com>
Since we don't allow lengths that are not frame aligned,
it does not make sense to allow indices that are not frame aligned
either.
Also, allowing such a thing to be added causes the daemon to crash
later instead (see https://bugs.freedesktop.org/show_bug.cgi?id=77595 ).
Also drop _se from assert (there is no side effect).
Signed-off-by: David Henningsson <david.henningsson@canonical.com>
Calling the callback while setting it up can make things
complicated for clients, as the callback can do arbitrarily
things.
In this case, a protocol error caused the srbchannel to be
owned by both the pstream and the native connection.
Now the read callback is deferred, making sure the callback
is called from a cleaner context where errors are handled
appropriately.
Reported-by: Tanu Kaskinen <tanu.kaskinen@linux.intel.com>
Signed-off-by: David Henningsson <david.henningsson@canonical.com>
The remapper and channel mixing code have (faster) specialized and (slower)
generic code certain code path. The flag force_generic_code can be set to
force the generic code path which is useful for testing. Code duplication
(such as in mix-special-test) can be avoided, cleanup patches follow.
Signed-off-by: Peter Meerwald <pmeerw@pmeerw.net>
New function allows to pass data pointer that is a member
of the outer structure that need to be freed too when data
is not needed anymore.
Signed-off-by: Lukasz Marek <lukasz.m.luki2@gmail.com>
Usually, PA will use the PULSE_SERVER X11 property instead of using XDG_RUNTIME_DIR,
so this environment variable does not matter.
If this property is not available, or if one is using the pacmd cli protocol,
the client will go ahead and call pa_make_secure_dir on XDG_RUNTIME_DIR/pulse.
This will either fail (if you're another regular user), or succeed (if you're root).
Both scenarios are bad - failing will cause the connection to fail, and succeeding
is even worse, as it can cause *other* connections to fail (as the directory
ownership has changed).
Instead fail and complain loudly.
BugLink: https://bugs.freedesktop.org/show_bug.cgi?id=83007
Signed-off-by: David Henningsson <david.henningsson@canonical.com>
building PA with -O0 leads to test failure in mix-test on i386
issue reported by Felipe, see
http://lists.freedesktop.org/archives/pulseaudio-discuss/2014-August/021406.html
the problem is the value 0xbeffbd7f: when byte-swapped it becomes 0x7fbdffbe and according
to IEEE-754 represents a signalling NaN (starting with s111 1111 10, see http://en.wikipedia.org/wiki/NaN)
when this value is assigned to a floating point register, it becomes 0x7ffdffbe, representing
a quiet NaN (starting with s111 1111 11) -- a signalling NaN is turned into a quiet NaN!
so PA_FLOAT32_SWAP(PA_FLOAT32_SWAP(x)) != x for certain values, uhuh!
the following test code can be used; due to volatile, it will always demonstrate the issue;
without volatile, it depends on the optimization level (i386, 32-bit, gcc 4.9):
// snip
static inline float PA_FLOAT32_SWAP(float x) {
union {
float f;
uint32_t u;
} t;
t.f = x;
t.u = bswap_32(t.u);
return t.f;
}
int main() {
unsigned x = 0xbeffbd7f;
volatile float f = PA_FLOAT32_SWAP(*(float *)&x);
printf("%08x %08x %08x %f\n", 0xbeffbd7f, *(unsigned *)&f, bswap_32(*(unsigned *)&f), f);
}
// snip
the problem goes away with optimization when no temporary floating point registers are used
the proposed solution is to avoid passing swapped floating point data in a
float; this is done with new functions PA_READ_FLOAT32RE() and PA_WRITE_FLOAT32RE()
which use uint32_t to dereference a pointer and byte-swap the data, hence no temporary
float variable is used
also delete PA_FLOAT32_TO_LE()/_BE(), not used
Signed-off-by: Peter Meerwald <pmeerw@pmeerw.net>
Reported-by: Felipe Sateler <fsateler@debian.org>
Since we don't have "limited" clients, a client that authenticates
correctly is automatically authorized. However, it's the authentication
that can go wrong, rather than the authorization.
Buglink: https://bugs.freedesktop.org/show_bug.cgi?id=78566
Signed-off-by: David Henningsson <david.henningsson@canonical.com>
Module-device-restore sets reference_volume, but soft_volume remains at
zero dB, so if a device only has soft_volume (i e no hw volume controls),
its volume was not restored correctly.
Reported-by: Richardo Salveti de Araujo <ricardo.salveti@canonical.com>
Signed-off-by: David Henningsson <david.henningsson@canonical.com>
return from setup_srbchannel() when pa_srbchannel_new() fails
pa_srbchannel_new() depends on HAVE_SYS_EVENTFD_H, e.g. Debian/kFreeBSD doesn't
have it
Signed-off-by: Peter Meerwald <pmeerw@pmeerw.net>
Acked-by: David Henningsson <david.henningsson@canonical.com>
pa_fdsem_open_shm() returns NULL when HAVE_SYS_EVENTFD_H is #undefined
pa_srbchannel_new() and pa_srbchannel_new_from_template() depend on
pa_fdsem_open_shm() and shall properly cleanup stuff, and return NULL as well;
otherwise, function pa_fdsem_get() will assert:
Assertion 'f' failed at pulsecore/fdsem.c:284, function pa_fdsem_get(). Aborting.
Debian/kFreeBSD doesn't HAVE_SYS_EVENTFD_H
Signed-off-by: Peter Meerwald <pmeerw@pmeerw.net>
Cc: David Henningsson <david.henningsson@canonical.com>
handle both signals on Debian/kFreeBSD, otherwise sigbus-test fails:
Running suite(s): Sig Bus
Let's see if this worked: This is a test that should work fine.
And memtrap says it is good: yes
tests/sigbus-test.c:59:E:sigbus:sigbus_test:0: (after this point) Received signal 11 (Segmentation fault)
Signed-off-by: Peter Meerwald <pmeerw@pmeerw.net>
on systems lacking #defines HAVE_ACCEPT4, HAVE_PIPE2, SOCK_CLOEXEC
pulsecore/core-util.c: In function 'pa_open_cloexec':
pulsecore/core-util.c:3348:1: warning: label 'finish' defined but not used [-Wunused-label]
pulsecore/core-util.c: In function 'pa_socket_cloexec':
pulsecore/core-util.c:3370:1: warning: label 'finish' defined but not used [-Wunused-label]
pulsecore/core-util.c: In function 'pa_pipe_cloexec':
pulsecore/core-util.c:3393:1: warning: label 'finish' defined but not used [-Wunused-label]
pulsecore/core-util.c: In function 'pa_accept_cloexec':
pulsecore/core-util.c:3415:1: warning: label 'finish' defined but not used [-Wunused-label]
Signed-off-by: Peter Meerwald <pmeerw@pmeerw.net>
There was no code that included files from other directories using
the #include "..." style before.
Signed-off-by: Alexander E. Patrakov <patrakov@gmail.com>
This makes it easy to log a message every time the reference ratio
changes. I also need to add a hook for reference ratio changes, but
that need will go away if the stream relative volume controls will be
created by the core in the future.
PA_MAYBE_INT16_SWAP() should call PA_INT16_SWAP(), not PA_INT32_SWAP
PA_MAYBE_INT16_SWAP() is not used (yet), so no big deal :)
Signed-off-by: Peter Meerwald <pmeerw@pmeerw.net>
for example, the conversion function for
convert_from_float32ne(PA_SAMPLE_S16LE) can also be used for
convert_to_s16ne(PA_SAMPLE_FLOAT32LE)
v2: ARM can potentially be big- or little endian; only apply
optimization on LE based on WORDS_BIGENDIAN #define (thanks, Tanu)
Signed-off-by: Peter Meerwald <pmeerw@pmeerw.net>
A recent patch broke the build on FreeBSD, which does not have
HAVE_CREDS defined. Also, make sure any attempts to enable the
srbchannel on such architectures fail.
BugLink: https://bugs.freedesktop.org/show_bug.cgi?id=80642
Reported-by: Ryan Lortie
Signed-off-by: David Henningsson <david.henningsson@canonical.com>
The srbchannel is enabled if protocol version >= 30 and
SHM is available. There is also a module parameter
srbchannel=false that can be used for disabling the srbchannel.
The setup is done in these steps:
1) Server receives authentication (like today)
2) Server sends enable_srbchannel to client
3) Server sends memblock to client
4) Client receives enable_srbchannel
5) Client receives memblock
6) Client sends enable_srbchannel back to server
7) Client switches over
8) Server receives enable_srbchannel and switches over
Signed-off-by: David Henningsson <david.henningsson@canonical.com>
This increments protocol version to v30 and adds two new commands
to enable and disable an shm ringbuffer, as well as client side
implementation.
Signed-off-by: David Henningsson <david.henningsson@canonical.com>
For writing, we prefer writing through the srbchannel if one is available,
and we have no ancil data to send.
For reading, we support reading from both in parallel. This meant replicating
a struct used for reading, so a lot of this patch is just a search/replace in
do_read to use the appropriate channel for reading.
Signed-off-by: David Henningsson <david.henningsson@canonical.com>
To keep the data and the ringbuffer separate, let's add another
mempool just for the ringbuffer(s). That way, the client can open
the ringbuffer shm file in rw mode and keep the data in ro mode.
Signed-off-by: David Henningsson <david.henningsson@canonical.com>
The shared ringbuffer memblock must be writable by both sides.
This makes it possible to send such a memblock over a pstream without
the "both sides writable" information getting lost.
Signed-off-by: David Henningsson <david.henningsson@canonical.com>
This is a preparation for the shm ringbuffer, which needs to be able
to be writable by both sides, because there are atomic variables they
both need to modify.
Signed-off-by: David Henningsson <david.henningsson@canonical.com>
An shm ringbuffer that is used for low overhead server-client communication.
Signalling is done through eventfd semaphores - it's based on pa_fdsem to avoid
syscalls if nothing is waiting on the other side.
Signed-off-by: David Henningsson <david.henningsson@canonical.com>
This patch adds support to iochannel, pstream and pstream-util
to send file descriptors over a unix pipe.
Currently we don't support writing both creds and fds in the same
packet, it's either one or the other (or neither).
Signed-off-by: David Henningsson <david.henningsson@canonical.com>
The file descriptors are read from the iochannel just like the creds are.
So instead of passing just creds (and creds_valid), we now pass the
entire pa_ancil struct.
Signed-off-by: David Henningsson <david.henningsson@canonical.com>
To support later patches that add sending/receiving file descriptors,
let's add this struct.
Signed-off-by: David Henningsson <david.henningsson@canonical.com>
Previously relative cookie paths were searched from the home
directory, now they are searched from the config home directory. This
fixes the problem that XDG_CONFIG_HOME didn't have effect on cookie
paths.
BugLink: https://bugs.freedesktop.org/show_bug.cgi?id=75006
If a relative path is passed to pa_authkey_load(), it will interpret
the path as relative to the home directory. This is wrong, because
relative paths should be interpreted to be relative to the config home
directory. Before fixing pa_authkey_load(), this patch prepares for
the change by using absolute paths when the file actually needs to be
in the home directory (i.e. the fallback cookie path for the native
protocol and the default cookie path for the esound protocol).
