xserver icon indicating copy to clipboard operation
xserver copied to clipboard
Published 2 weeks ago verified publisher icon X11Libre

Critical bug with infinite boot time xserver

Open GermanAizek opened this issue 1 month ago • 5 comments

version

Xlibre 25.0.0.X and Xorg

PLEASE DONT TEST THIS ON REAL MACHINE (USE VIRTUAL MACHINE)

Create xorg.conf with Device that has an incorrect BusID specified. According to the user's behavior, the xserver process will constantly try to initialize the device, switching to other text tty sessions is not possible, since the systemd initialization process is underway. No matter how long I waited, xserver did not give a parsing error. From the user's side, he sees only the systemd initialization screen.

Section "Device"
    Identifier  "Vulnerable Device"
    Driver      "modesetting"
    BusID       "pci:"  # Incorrect format busid, missing ":<domain>:<bus>:<dev>:<func>"
EndSection

or

Section "Device"
    Identifier  "Vulnerable Device"
    Driver      "modesetting"
    BusID       "pci"  # Incorrect format busid, missing ":<domain>:<bus>:<dev>:<func>"
EndSection

Behavior of a system with an already written xorg.conf

https://github.com/user-attachments/assets/919231f8-1dea-426b-8d8b-a7be24dd1f6f

GermanAizek avatar Nov 23 '25 06:11 GermanAizek

My presumptive fix here: https://github.com/X11Libre/xserver/pull/1478

GermanAizek avatar Nov 23 '25 06:11 GermanAizek

I callously ignored your advice, and did this on bare metal:

I created /etc/X11/xorg.conf.d/99-crash-GermanAizek.conf containing:

Section "Device"
    Identifier  "Vulnerable Device"
    Driver      "modesetting"
    BusID       "pci:"  # Incorrect format busid, missing ":<domain>:<bus>:<dev>:<func>"
EndSection

Everything appears to be functioning normally. (still running)

I'm running Xlibre-25.0.0.16. I am not running systemd.

Only mention in the log is:

[2025-11-27 14:01:34] (==) Using config directory: "/etc/X11/xorg.conf.d"
[2025-11-27 14:01:34] (==) Using system config directory "/usr/share/X11/xorg.conf.d"
[2025-11-27 14:01:34] (==) No Layout section.  Using the first Screen section.
[2025-11-27 14:01:34] (==) No screen section available. Using defaults.
[2025-11-27 14:01:34] (**) |-->Screen "Default Screen Section" (0)
[2025-11-27 14:01:34] (**) |   |-->Monitor "<default monitor>"
[2025-11-27 14:01:34] (==) No device specified for screen "Default Screen Section".
        Using the first device section listed.
[2025-11-27 14:01:34] (**) |   |-->Device "Vulnerable Device"
[2025-11-27 14:01:34] (==) No monitor specified for screen "Default Screen Section".
        Using a default monitor configuration.

smj-cc avatar Nov 27 '25 22:11 smj-cc

@GermanAizek Can this be closed, since the pr was merged?

stefan11111 avatar Dec 01 '25 19:12 stefan11111

@GermanAizek Can this be closed, since the pr was merged?

well, I found out that the second poc payload caused this problem more often in the VM, although they said above that it didn't help. Someone has already approved the changes and metux has merged. I don't know how many people actually tested the changes or the bug.

GermanAizek avatar Dec 01 '25 22:12 GermanAizek

@GermanAizek Can this be closed, since the pr was merged?

well, I found out that the second poc payload caused this problem more often in the VM, although they said above that it didn't help. Someone has already approved the changes and metux has merged. I don't know how many people actually tested the changes or the bug.

You mean that the patch that was merged does not fix the issue?

stefan11111 avatar Dec 02 '25 01:12 stefan11111