pyrox.dev / nixpkgs
lol
fork atom

nixos/xserver: Properly validate XKB options

Checking the keyboard layout has been a long set of hurdles so far, with
several attempts. Originally, the checking was introduced by @lheckemann
in #23709.

The initial implementation just was trying to check whether the symbols/
directory contained the layout name.

Unfortunately, that wasn't enough and keyboard variants weren't
recognized, so if you set layout to eg. "dvorak" it will fail with an
error (#25526).

So my improvement on that was to use sed to filter rules/base.lst and
match the layout against that. I fucked up twice with this, first
because layout can be a comma-separated list which I didn't account for
and second because I ran into a Nix issue (NixOS/nix#1426).

After fixing this, it still wasn't enough (and this is btw. what
localectl also does), because we were *only* matching rules but not
symbols, so using "eu" as a layout won't work either.

I decided now it's the time to actually use libxkbcommon to try
compiling the keyboard options and see whether it succeeds. This comes
in the form of a helper tool called xkbvalidate.

IMHO this approach is a lot less error-prone and we can be sure that we
don't forget about anything because that's what the X server itself uses
to compile the keymap.

Another advantage of this is that we now validate the full set of XKB
options rather than just the layout.

Tested this against a variety of wrong and correct keyboard
configurations and against the "keymap" NixOS VM tests.

Signed-off-by: aszlig <aszlig@redmoonstudios.org>
Cc: @lheckemann, @peti, @7c6f434c, @tohl, @vcunat, @lluchs
Fixes: #27597

aszlig 6e5d2f89 805467bb

options
unified split
Changed files
+156 -44
nixos
modules
services
x11
xserver.nix
pkgs
tools
X11
xkbvalidate
default.nix
xkbvalidate.c
top-level
all-packages.nix
+4 -44
nixos/modules/services/x11/xserver.nix 
···

       
648

       
 

       



     

       
649

       
 

       
    services.xserver.xkbDir = mkDefault "${pkgs.xkeyboard_config}/etc/X11/xkb";


     

       
650

       
 

       



     

       
651

       
-

       
    system.extraDependencies = singleton (pkgs.runCommand "xkb-layouts-exist" {


     

       
652

       
-

       
      inherit (cfg) layout xkbDir;


     

       

       

       
     

       
653

       
 

       
    } ''


     

       
654

       
-

       
      # We can use the default IFS here, because the layouts won't contain


     

       
655

       
-

       
      # spaces or tabs and are ruled out by the sed expression below.


     

       
656

       
-

       
      availableLayouts="$(


     

       
657

       
-

       
        sed -n -e ':i /^! \(layout\|variant\) *$/ {


     

       
658

       
-

       
          # Loop through all of the layouts/variants until we hit another ! at


     

       
659

       
-

       
          # the start of the line or the line is empty ('t' branches only if


     

       
660

       
-

       
          # the last substitution was successful, so if the line is empty the


     

       
661

       
-

       
          # substition will fail).


     

       
662

       
-

       
          :l; n; /^!/bi; s/^ *\([^ ]\+\).*/\1/p; tl


     

       
663

       
-

       
        }' "$xkbDir/rules/base.lst" | sort -u


     

       
664

       
-

       
      )"


     

       
665

       
-

       



     

       
666

       
-

       
      layoutNotFound() {


     

       
667

       
-

       
        echo >&2


     

       
668

       
-

       
        echo "The following layouts and variants are available:" >&2


     

       
669

       
-

       
        echo >&2


     

       
670

       
-

       



     

       
671

       
-

       
        # While an output width of 80 is more desirable for small terminals, we


     

       
672

       
-

       
        # really don't know the amount of columns of the terminal from within


     

       
673

       
-

       
        # the builder. The content in $availableLayouts however is pretty


     

       
674

       
-

       
        # large, so let's opt for a larger width here, because it will print a


     

       
675

       
-

       
        # smaller amount of lines on modern KMS/framebuffer terminals and won't


     

       
676

       
-

       
        # lose information even in smaller terminals (it only will look a bit


     

       
677

       
-

       
        # ugly).


     

       
678

       
-

       
        echo "$availableLayouts" | ${pkgs.utillinux}/bin/column -c 150 >&2


     

       
679

       
-

       



     

       
680

       
-

       
        echo >&2


     

       
681

       
-

       
        echo "However, the keyboard layout definition in" \


     

       
682

       
-

       
             "\`services.xserver.layout' contains the layout \`$1', which" \


     

       
683

       
-

       
             "isn't a valid layout or variant." >&2


     

       
684

       
-

       
        echo >&2


     

       
685

       
-

       
        exit 1


     

       
686

       
-

       
      }


     

       
687

       
-

       



     

       
688

       
-

       
      # Again, we don't need to take care of IFS, see the comment for


     

       
689

       
-

       
      # $availableLayouts.


     

       
690

       
-

       
      for l in ''${layout//,/ }; do


     

       
691

       
-

       
        if ! echo "$availableLayouts" | grep -qxF "$l"; then


     

       
692

       
-

       
          layoutNotFound "$l"


     

       
693

       
-

       
        fi


     

       
694

       
-

       
      done


     

       
695

       
-

       



     

       
696

       
 

       
      touch "$out"


     

       
697

       
 

       
    '');


     

       
698

       
 

       



     
···

       
648

       
 

       



     

       
649

       
 

       
    services.xserver.xkbDir = mkDefault "${pkgs.xkeyboard_config}/etc/X11/xkb";


     

       
650

       
 

       



     

       
651

       
+

       
    system.extraDependencies = singleton (pkgs.runCommand "xkb-validated" {


     

       
652

       
+

       
      inherit (cfg) xkbModel layout xkbVariant xkbOptions;


     

       
653

       
+

       
      nativeBuildInputs = [ pkgs.xkbvalidate ];


     

       
654

       
 

       
    } ''


     

       
655

       
+

       
      validate "$xkbModel" "$layout" "$xkbVariant" "$xkbOptions"


     

       

       

       
     

       

       

       
     

       

       

       
     

       

       

       
     

       

       

       
     

       

       

       
     

       

       

       
     

       

       

       
     

       

       

       
     

       

       

       
     

       

       

       
     

       

       

       
     

       

       

       
     

       

       

       
     

       

       

       
     

       

       

       
     

       

       

       
     

       

       

       
     

       

       

       
     

       

       

       
     

       

       

       
     

       

       

       
     

       

       

       
     

       

       

       
     

       

       

       
     

       

       

       
     

       

       

       
     

       

       

       
     

       

       

       
     

       

       

       
     

       

       

       
     

       

       

       
     

       

       

       
     

       

       

       
     

       

       

       
     

       

       

       
     

       

       

       
     

       

       

       
     

       

       

       
     

       

       

       
     

       

       

       
     

       
656

       
 

       
      touch "$out"


     

       
657

       
 

       
    '');


     

       
658
+15
pkgs/tools/X11/xkbvalidate/default.nix 
···

       

       

       
     

       

       

       
     

       

       

       
     

       

       

       
     

       

       

       
     

       

       

       
     

       

       

       
     

       

       

       
     

       

       

       
     

       

       

       
     

       

       

       
     

       

       

       
     

       

       

       
     

       

       

       
     

       

       

       
     
···

       
1

       
+

       
{ lib, runCommandCC, libxkbcommon }:


     

       
2

       
+

       



     

       
3

       
+

       
runCommandCC "xkbvalidate" {


     

       
4

       
+

       
  buildInputs = [ libxkbcommon ];


     

       
5

       
+

       
  meta = {


     

       
6

       
+

       
    description = "NixOS tool to validate X keyboard configuration";


     

       
7

       
+

       
    license = lib.licenses.mit;


     

       
8

       
+

       
    platforms = lib.platforms.linux;


     

       
9

       
+

       
    maintainers = [ lib.maintainers.aszlig ];


     

       
10

       
+

       
  };


     

       
11

       
+

       
} ''


     

       
12

       
+

       
  mkdir -p "$out/bin"


     

       
13

       
+

       
  gcc -std=gnu11 -Wall -pedantic -lxkbcommon ${./xkbvalidate.c} \


     

       
14

       
+

       
    -o "$out/bin/validate"


     

       
15

       
+

       
''
+135
pkgs/tools/X11/xkbvalidate/xkbvalidate.c 
···

       

       

       
     

       

       

       
     

       

       

       
     

       

       

       
     

       

       

       
     

       

       

       
     

       

       

       
     

       

       

       
     

       

       

       
     

       

       

       
     

       

       

       
     

       

       

       
     

       

       

       
     

       

       

       
     

       

       

       
     

       

       

       
     

       

       

       
     

       

       

       
     

       

       

       
     

       

       

       
     

       

       

       
     

       

       

       
     

       

       

       
     

       

       

       
     

       

       

       
     

       

       

       
     

       

       

       
     

       

       

       
     

       

       

       
     

       

       

       
     

       

       

       
     

       

       

       
     

       

       

       
     

       

       

       
     

       

       

       
     

       

       

       
     

       

       

       
     

       

       

       
     

       

       

       
     

       

       

       
     

       

       

       
     

       

       

       
     

       

       

       
     

       

       

       
     

       

       

       
     

       

       

       
     

       

       

       
     

       

       

       
     

       

       

       
     

       

       

       
     

       

       

       
     

       

       

       
     

       

       

       
     

       

       

       
     

       

       

       
     

       

       

       
     

       

       

       
     

       

       

       
     

       

       

       
     

       

       

       
     

       

       

       
     

       

       

       
     

       

       

       
     

       

       

       
     

       

       

       
     

       

       

       
     

       

       

       
     

       

       

       
     

       

       

       
     

       

       

       
     

       

       

       
     

       

       

       
     

       

       

       
     

       

       

       
     

       

       

       
     

       

       

       
     

       

       

       
     

       

       

       
     

       

       

       
     

       

       

       
     

       

       

       
     

       

       

       
     

       

       

       
     

       

       

       
     

       

       

       
     

       

       

       
     

       

       

       
     

       

       

       
     

       

       

       
     

       

       

       
     

       

       

       
     

       

       

       
     

       

       

       
     

       

       

       
     

       

       

       
     

       

       

       
     

       

       

       
     

       

       

       
     

       

       

       
     

       

       

       
     

       

       

       
     

       

       

       
     

       

       

       
     

       

       

       
     

       

       

       
     

       

       

       
     

       

       

       
     

       

       

       
     

       

       

       
     

       

       

       
     

       

       

       
     

       

       

       
     

       

       

       
     

       

       

       
     

       

       

       
     

       

       

       
     

       

       

       
     

       

       

       
     

       

       

       
     

       

       

       
     

       

       

       
     

       

       

       
     

       

       

       
     

       

       

       
     

       

       

       
     

       

       

       
     

       

       

       
     

       

       

       
     

       

       

       
     

       

       

       
     

       

       

       
     

       

       

       
     

       

       

       
     

       

       

       
     

       

       

       
     
···

       
1

       
+

       
#define _GNU_SOURCE


     

       
2

       
+

       
#include <stdarg.h>


     

       
3

       
+

       
#include <stdbool.h>


     

       
4

       
+

       
#include <stdio.h>


     

       
5

       
+

       
#include <stdlib.h>


     

       
6

       
+

       
#include <string.h>


     

       
7

       
+

       



     

       
8

       
+

       
#include <xkbcommon/xkbcommon.h>


     

       
9

       
+

       



     

       
10

       
+

       
static char **log_buffer = NULL;


     

       
11

       
+

       
static int log_buffer_size = 0;


     

       
12

       
+

       
static bool log_alloc_success = true;


     

       
13

       
+

       



     

       
14

       
+

       
static void add_log(struct xkb_context *ctx, enum xkb_log_level level,


     

       
15

       
+

       
                    const char *fmt, va_list args)


     

       
16

       
+

       
{


     

       
17

       
+

       
    log_buffer_size++;


     

       
18

       
+

       



     

       
19

       
+

       
    if (log_buffer == NULL)


     

       
20

       
+

       
        log_buffer = malloc(sizeof(char *));


     

       
21

       
+

       
    else


     

       
22

       
+

       
        log_buffer = realloc(log_buffer, sizeof(char *) * log_buffer_size);


     

       
23

       
+

       



     

       
24

       
+

       
    if (log_buffer == NULL) {


     

       
25

       
+

       
        perror("buffer alloc");


     

       
26

       
+

       
        log_alloc_success = false;


     

       
27

       
+

       
        log_buffer_size--;


     

       
28

       
+

       
        return;


     

       
29

       
+

       
    }


     

       
30

       
+

       



     

       
31

       
+

       
    if (vasprintf(&log_buffer[log_buffer_size - 1], fmt, args) == -1) {


     

       
32

       
+

       
        perror("log line alloc");


     

       
33

       
+

       
        log_alloc_success = false;


     

       
34

       
+

       
        return;


     

       
35

       
+

       
    }


     

       
36

       
+

       
}


     

       
37

       
+

       



     

       
38

       
+

       
static void print_logs(void)


     

       
39

       
+

       
{


     

       
40

       
+

       
    for (int i = 0; i < log_buffer_size; ++i)


     

       
41

       
+

       
        fprintf(stderr, "    %s", log_buffer[i]);


     

       
42

       
+

       
}


     

       
43

       
+

       



     

       
44

       
+

       
static void free_logs(void)


     

       
45

       
+

       
{


     

       
46

       
+

       
    if (log_buffer == NULL)


     

       
47

       
+

       
        return;


     

       
48

       
+

       
    for (int i = 0; i < log_buffer_size; ++i)


     

       
49

       
+

       
        free(log_buffer[i]);


     

       
50

       
+

       
    free(log_buffer);


     

       
51

       
+

       
    log_buffer = NULL;


     

       
52

       
+

       
    log_buffer_size = 0;


     

       
53

       
+

       
}


     

       
54

       
+

       



     

       
55

       
+

       
static bool try_keymap(struct xkb_context *ctx, struct xkb_rule_names *rdef)


     

       
56

       
+

       
{


     

       
57

       
+

       
    struct xkb_keymap *keymap;


     

       
58

       
+

       
    bool result = true;


     

       
59

       
+

       



     

       
60

       
+

       
    if ((keymap = xkb_keymap_new_from_names(ctx, rdef, 0)) == NULL)


     

       
61

       
+

       
        result = false;


     

       
62

       
+

       
    else


     

       
63

       
+

       
        xkb_keymap_unref(keymap);


     

       
64

       
+

       



     

       
65

       
+

       
    return result;


     

       
66

       
+

       
}


     

       
67

       
+

       



     

       
68

       
+

       
static void print_error(const char *name, const char *value,


     

       
69

       
+

       
                        const char *nixos_option)


     

       
70

       
+

       
{


     

       
71

       
+

       
    fprintf(stderr, "\nThe value `%s' for keyboard %s is invalid.\n\n"


     

       
72

       
+

       
                    "Please check the definition in `services.xserver.%s'.\n",


     

       
73

       
+

       
            value, name, nixos_option);


     

       
74

       
+

       
    fputs("\nDetailed XKB compiler errors:\n\n", stderr);


     

       
75

       
+

       
    print_logs();


     

       
76

       
+

       
    putc('\n', stderr);


     

       
77

       
+

       
}


     

       
78

       
+

       



     

       
79

       
+

       
#define TRY_KEYMAP(name, value, nixos_option) \


     

       
80

       
+

       
    *rdef = (struct xkb_rule_names) {0}; \


     

       
81

       
+

       
    free_logs(); \


     

       
82

       
+

       
    rdef->name = value; \


     

       
83

       
+

       
    result = try_keymap(ctx, rdef); \


     

       
84

       
+

       
    if (!log_alloc_success) \


     

       
85

       
+

       
        goto out; \


     

       
86

       
+

       
    if (!result) { \


     

       
87

       
+

       
        print_error(#name, value, nixos_option); \


     

       
88

       
+

       
        exit_code = EXIT_FAILURE; \


     

       
89

       
+

       
        goto out; \


     

       
90

       
+

       
    }


     

       
91

       
+

       



     

       
92

       
+

       
int main(int argc, char **argv)


     

       
93

       
+

       
{


     

       
94

       
+

       
    int exit_code = EXIT_SUCCESS;


     

       
95

       
+

       
    bool result;


     

       
96

       
+

       
    struct xkb_context *ctx;


     

       
97

       
+

       
    struct xkb_rule_names *rdef;


     

       
98

       
+

       



     

       
99

       
+

       
    if (argc != 5) {


     

       
100

       
+

       
        fprintf(stderr, "Usage: %s model layout variant options\n", argv[0]);


     

       
101

       
+

       
        return EXIT_FAILURE;


     

       
102

       
+

       
    }


     

       
103

       
+

       



     

       
104

       
+

       
    ctx = xkb_context_new(XKB_CONTEXT_NO_ENVIRONMENT_NAMES);


     

       
105

       
+

       
    xkb_context_set_log_fn(ctx, add_log);


     

       
106

       
+

       



     

       
107

       
+

       
    rdef = malloc(sizeof(struct xkb_rule_names));


     

       
108

       
+

       



     

       
109

       
+

       
    TRY_KEYMAP(model,   argv[1], "xkbModel");


     

       
110

       
+

       
    TRY_KEYMAP(layout,  argv[2], "layout");


     

       
111

       
+

       
    TRY_KEYMAP(variant, argv[3], "xkbVariant");


     

       
112

       
+

       
    TRY_KEYMAP(options, argv[4], "xkbOptions");


     

       
113

       
+

       



     

       
114

       
+

       
    free_logs();


     

       
115

       
+

       
    rdef->model = argv[1];


     

       
116

       
+

       
    rdef->layout = argv[2];


     

       
117

       
+

       
    rdef->variant = argv[3];


     

       
118

       
+

       
    rdef->options = argv[4];


     

       
119

       
+

       



     

       
120

       
+

       
    result = try_keymap(ctx, rdef);


     

       
121

       
+

       
    if (!log_alloc_success)


     

       
122

       
+

       
        goto out;


     

       
123

       
+

       



     

       
124

       
+

       
    if (!result) {


     

       
125

       
+

       
        fputs("The XKB keyboard definition failed to compile:\n", stderr);


     

       
126

       
+

       
        print_logs();


     

       
127

       
+

       
        exit_code = EXIT_FAILURE;


     

       
128

       
+

       
    }


     

       
129

       
+

       



     

       
130

       
+

       
out:


     

       
131

       
+

       
    free_logs();


     

       
132

       
+

       
    free(rdef);


     

       
133

       
+

       
    xkb_context_unref(ctx);


     

       
134

       
+

       
    return exit_code;


     

       
135

       
+

       
}
+2
pkgs/top-level/all-packages.nix 
···

       
4805

       
 

       



     

       
4806

       
 

       
  xbrightness = callPackage ../tools/X11/xbrightness { };


     

       
4807

       
 

       



     

       

       

       
     

       

       

       
     

       
4808

       
 

       
  xfstests = callPackage ../tools/misc/xfstests { };


     

       
4809

       
 

       



     

       
4810

       
 

       
  xprintidle-ng = callPackage ../tools/X11/xprintidle-ng {};


     
···

       
4805

       
 

       



     

       
4806

       
 

       
  xbrightness = callPackage ../tools/X11/xbrightness { };


     

       
4807

       
 

       



     

       
4808

       
+

       
  xkbvalidate = callPackage ../tools/X11/xkbvalidate { };


     

       
4809

       
+

       



     

       
4810

       
 

       
  xfstests = callPackage ../tools/misc/xfstests { };


     

       
4811

       
 

       



     

       
4812

       
 

       
  xprintidle-ng = callPackage ../tools/X11/xprintidle-ng {};