xserver: Branch 'XACE-SELINUX'
Eamon Walsh
ewalsh at kemper.freedesktop.org
Thu Aug 30 13:57:55 PDT 2007
Xext/xace.c | 1 +
Xext/xacestr.h | 1 +
dix/dispatch.c | 32 ++++++++++++++++++--------------
xfixes/cursor.c | 55 +++++++++++++++++++++++++++++++++++++++----------------
xfixes/region.c | 34 +++++++++++++++++++---------------
xfixes/saveset.c | 2 +-
xfixes/select.c | 9 ++++++++-
7 files changed, 87 insertions(+), 47 deletions(-)
New commits:
diff-tree cda92bbf12107865e93c03c71b901ef51466dc31 (from 47ab4d648b31ea1d5800e0bc84cf5f25025bffe3)
Author: Eamon Walsh <ewalsh at tycho.nsa.gov>
Date: Thu Aug 30 11:48:45 2007 -0400
xace: add hooks + new access codes: XFixes extension.
Required a new name argument to the selection access hook to handle
XFixesSelectSelectionInput.
diff --git a/Xext/xace.c b/Xext/xace.c
index 3091ecd..cc68986 100644
--- a/Xext/xace.c
+++ b/Xext/xace.c
@@ -173,6 +173,7 @@ int XaceHook(int hook, ...)
case XACE_SELECTION_ACCESS: {
XaceSelectionAccessRec rec = {
va_arg(ap, ClientPtr),
+ va_arg(ap, Atom),
va_arg(ap, Selection*),
va_arg(ap, Mask),
Success /* default allow */
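Review bot: The added `va_arg(ap, Atom)` sits inside a brace initializer, and C does not specify the order in which initializer-list expressions are evaluated, so nothing guarantees the arguments come off `ap` in client, name, selection, mode order. This record feeds an access-control decision, and a compiler that evaluates the list differently would hand the hook mis-assigned fields. Pulling each argument into a local in sequence before building `rec`, for example `ClientPtr c = va_arg(ap, ClientPtr); Atom name = va_arg(ap, Atom);` and so on, removes that dependency. The initializer continues past the end of this hunk.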
diff --git a/Xext/xacestr.h b/Xext/xacestr.h
index 15d39b7..0957f0d 100644
--- a/Xext/xacestr.h
+++ b/Xext/xacestr.h
@@ -115,6 +115,7 @@ typedef struct {
/* XACE_SELECTION_ACCESS */
typedef struct {
ClientPtr client;
+ Atom name;
Selection *selection;
Mask access_mode;
int status;
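Review bot: The new `name` field is undocumented, and so is the fact that `selection` can now be NULL. Two call sites added by this commit pass NULL for the `Selection *`: ProcGetSelectionOwner in dix/dispatch.c and XFixesSelectSelectionInput in xfixes/select.c. A hook that dereferences `rec->selection` unconditionally would crash the server on those paths. I would add comments on the fields, e.g. `Atom name; /* selection atom, always valid */` and `Selection *selection; /* may be NULL when only the name is known */`. The struct body starts inside this hunk but its closing line is outside it.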
diff --git a/dix/dispatch.c b/dix/dispatch.c
index 1ad3c94..7adfe02 100644
--- a/dix/dispatch.c
+++ b/dix/dispatch.c
@@ -1013,10 +1013,6 @@ ProcSetSelectionOwner(ClientPtr client)
{
xEvent event;
- rc = XaceHook(XACE_SELECTION_ACCESS, client, CurrentSelections[i],
- DixSetAttrAccess);
- if (rc != Success)
- return rc;
/* If the timestamp in client's request is in the past relative
to the time stamp indicating the last time the owner of the
selection was set, do not set the selection, just return
@@ -1024,6 +1020,12 @@ ProcSetSelectionOwner(ClientPtr client)
if (CompareTimeStamps(time, CurrentSelections[i].lastTimeChanged)
== EARLIER)
return Success;
+
+ rc = XaceHook(XACE_SELECTION_ACCESS, client, stuff->selection,
+ CurrentSelections[i], DixSetAttrAccess);
+ if (rc != Success)
+ return rc;
+
if (CurrentSelections[i].client &&
(!pWin || (CurrentSelections[i].client != client)))
{
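Review bot: The relocated hook call passes `CurrentSelections[i]` by value, but XaceHook reads that slot with `va_arg(ap, Selection*)`, so the struct is reinterpreted as a pointer and the `Mask` after it is read from the wrong position. That is undefined behaviour on the SetSelectionOwner access check. The ProcConvertSelection call in this same file passes `&CurrentSelections[i]`, and this one should match: `rc = XaceHook(XACE_SELECTION_ACCESS, client, stuff->selection, &CurrentSelections[i], DixSetAttrAccess);`. The call in the next hunk (new-selection path) has the same by-value argument.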
@@ -1054,19 +1056,17 @@ ProcSetSelectionOwner(ClientPtr client)
CurrentSelections = newsels;
CurrentSelections[i].selection = stuff->selection;
CurrentSelections[i].devPrivates = NULL;
- rc = XaceHook(XACE_SELECTION_ACCESS, CurrentSelections[i],
- DixSetAttrAccess);
+ rc = XaceHook(XACE_SELECTION_ACCESS, stuff->selection,
+ CurrentSelections[i], DixSetAttrAccess);
if (rc != Success)
return rc;
}
- dixFreePrivates(CurrentSelections[i].devPrivates);
CurrentSelections[i].lastTimeChanged = time;
CurrentSelections[i].window = stuff->window;
CurrentSelections[i].destwindow = stuff->window;
CurrentSelections[i].pWin = pWin;
CurrentSelections[i].client = (pWin ? client : NullClient);
CurrentSelections[i].destclient = (pWin ? client : NullClient);
- CurrentSelections[i].devPrivates = NULL;
if (SelectionCallback)
{
SelectionInfoRec info;
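Review bot: The rewritten XaceHook call on the new-selection path omits the `client` argument, so every later argument is shifted by one against what the hook pulls with `va_arg` (ClientPtr, Atom, Selection*, Mask). The security module would then see the atom as the client pointer and read past the supplied arguments for the mode. The call should read `rc = XaceHook(XACE_SELECTION_ACCESS, client, stuff->selection, &CurrentSelections[i], DixSetAttrAccess);`. The enclosing function begins and ends outside this hunk.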
@@ -1092,7 +1092,7 @@ ProcGetSelectionOwner(ClientPtr client)
REQUEST_SIZE_MATCH(xResourceReq);
if (ValidAtom(stuff->id))
{
- int i;
+ int rc, i;
xGetSelectionOwnerReply reply;
i = 0;
@@ -1101,12 +1101,16 @@ ProcGetSelectionOwner(ClientPtr client)
reply.type = X_Reply;
reply.length = 0;
reply.sequenceNumber = client->sequence;
- if (i < NumCurrentSelections &&
- XaceHook(XACE_SELECTION_ACCESS, client, &CurrentSelections[i],
- DixGetAttrAccess) == Success)
+ if (i < NumCurrentSelections)
reply.owner = CurrentSelections[i].destwindow;
else
reply.owner = None;
+
+ rc = XaceHook(XACE_SELECTION_ACCESS, client, stuff->id, NULL,
+ DixGetAttrAccess);
+ if (rc != Success)
+ return rc;
+
WriteReplyToClient(client, sizeof(xGetSelectionOwnerReply), &reply);
return(client->noClientException);
}
@@ -1143,8 +1147,8 @@ ProcConvertSelection(ClientPtr client)
CurrentSelections[i].selection != stuff->selection) i++;
if ((i < NumCurrentSelections) &&
(CurrentSelections[i].window != None) &&
- XaceHook(XACE_SELECTION_ACCESS, client, &CurrentSelections[i],
- DixReadAccess) == Success)
+ XaceHook(XACE_SELECTION_ACCESS, client, stuff->selection,
+ &CurrentSelections[i], DixReadAccess) == Success)
{
event.u.u.type = SelectionRequest;
event.u.selectionRequest.time = stuff->time;
diff --git a/xfixes/cursor.c b/xfixes/cursor.c
index 975ebc3..91f149e 100755
--- a/xfixes/cursor.c
+++ b/xfixes/cursor.c
@@ -51,6 +51,7 @@
#include "servermd.h"
#include "inputstr.h"
#include "windowstr.h"
+#include "xace.h"
static RESTYPE CursorClientType;
static RESTYPE CursorHideCountType;
@@ -238,7 +239,7 @@ ProcXFixesSelectCursorInput (ClientPtr c
int rc;
REQUEST_SIZE_MATCH (xXFixesSelectCursorInputReq);
- rc = dixLookupWindow(&pWin, stuff->window, client, DixReadAccess);
+ rc = dixLookupWindow(&pWin, stuff->window, client, DixSetAttrAccess);
if (rc != Success)
return rc;
if (stuff->eventMask & ~CursorAllEvents)
@@ -343,14 +344,16 @@ ProcXFixesGetCursorImage (ClientPtr clie
xXFixesGetCursorImageReply *rep;
CursorPtr pCursor;
CARD32 *image;
- int npixels;
- int width, height;
- int x, y;
+ int npixels, width, height, rc, x, y;
REQUEST_SIZE_MATCH(xXFixesGetCursorImageReq);
pCursor = CursorCurrent;
if (!pCursor)
return BadCursor;
+ rc = XaceHook(XACE_RESOURCE_ACCESS, client, pCursor->id, RT_CURSOR,
+ DixReadAccess, pCursor);
+ if (rc != Success)
+ return rc;
GetSpritePosition (&x, &y);
width = pCursor->bits->width;
height = pCursor->bits->height;
@@ -411,7 +414,7 @@ ProcXFixesSetCursorName (ClientPtr clien
Atom atom;
REQUEST_AT_LEAST_SIZE(xXFixesSetCursorNameReq);
- VERIFY_CURSOR(pCursor, stuff->cursor, client, DixWriteAccess);
+ VERIFY_CURSOR(pCursor, stuff->cursor, client, DixSetAttrAccess);
tchar = (char *) &stuff[1];
atom = MakeAtom (tchar, stuff->nbytes, TRUE);
if (atom == BAD_RESOURCE)
@@ -444,7 +447,7 @@ ProcXFixesGetCursorName (ClientPtr clien
int len;
REQUEST_SIZE_MATCH(xXFixesGetCursorNameReq);
- VERIFY_CURSOR(pCursor, stuff->cursor, client, DixReadAccess);
+ VERIFY_CURSOR(pCursor, stuff->cursor, client, DixGetAttrAccess);
if (pCursor->name)
str = NameForAtom (pCursor->name);
else
@@ -493,12 +496,16 @@ ProcXFixesGetCursorImageAndName (ClientP
char *name;
int nbytes, nbytesRound;
int width, height;
- int x, y;
+ int rc, x, y;
REQUEST_SIZE_MATCH(xXFixesGetCursorImageAndNameReq);
pCursor = CursorCurrent;
if (!pCursor)
return BadCursor;
+ rc = XaceHook(XACE_RESOURCE_ACCESS, client, pCursor->id, RT_CURSOR,
+ DixReadAccess|DixGetAttrAccess, pCursor);
+ if (rc != Success)
+ return rc;
GetSpritePosition (&x, &y);
width = pCursor->bits->width;
height = pCursor->bits->height;
@@ -675,8 +682,10 @@ ProcXFixesChangeCursor (ClientPtr client
REQUEST(xXFixesChangeCursorReq);
REQUEST_SIZE_MATCH(xXFixesChangeCursorReq);
- VERIFY_CURSOR (pSource, stuff->source, client, DixReadAccess);
- VERIFY_CURSOR (pDestination, stuff->destination, client, DixWriteAccess);
+ VERIFY_CURSOR (pSource, stuff->source, client,
+ DixReadAccess|DixGetAttrAccess);
+ VERIFY_CURSOR (pDestination, stuff->destination, client,
+ DixWriteAccess|DixSetAttrAccess);
ReplaceCursor (pSource, TestForCursor, (pointer) pDestination);
return (client->noClientException);
@@ -710,7 +719,8 @@ ProcXFixesChangeCursorByName (ClientPtr
REQUEST(xXFixesChangeCursorByNameReq);
REQUEST_FIXED_SIZE(xXFixesChangeCursorByNameReq, stuff->nbytes);
- VERIFY_CURSOR(pSource, stuff->source, client, DixReadAccess);
+ VERIFY_CURSOR(pSource, stuff->source, client,
+ DixReadAccess|DixGetAttrAccess);
tchar = (char *) &stuff[1];
name = MakeAtom (tchar, stuff->nbytes, FALSE);
if (name)
@@ -838,10 +848,11 @@ ProcXFixesHideCursor (ClientPtr client)
REQUEST_SIZE_MATCH (xXFixesHideCursorReq);
- pWin = (WindowPtr) LookupIDByType (stuff->window, RT_WINDOW);
- if (!pWin) {
+ ret = dixLookupResource((pointer *)&pWin, stuff->window, RT_WINDOW,
+ client, DixGetAttrAccess);
+ if (ret != Success) {
client->errorValue = stuff->window;
- return BadWindow;
+ return (ret == BadValue) ? BadWindow : ret;
}
/*
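Review bot: This lookup casts `&pWin` to `pointer *` and then hand-maps `BadValue` to `BadWindow`, an idiom the commit repeats in ProcXFixesShowCursor and, in xfixes/region.c, in CreateRegionFromBitmap, CreateRegionFromWindow and SetWindowShapeRegion. Writing through a `WindowPtr *` as if it were a `void **` is a type pun, and the repeated remap is easy to get wrong in one place. For the window cases the commit already uses `dixLookupWindow` elsewhere with the same access modes, so `ret = dixLookupWindow(&pWin, stuff->window, client, DixGetAttrAccess);` would, as far as I can tell, return the right error code without the cast or the ternary. The function body continues outside this hunk.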
@@ -859,6 +870,11 @@ ProcXFixesHideCursor (ClientPtr client)
* This is the first time this client has hid the cursor
* for this screen.
*/
+ ret = XaceHook(XACE_SCREEN_ACCESS, client, pWin->drawable.pScreen,
+ DixHideAccess);
+ if (ret != Success)
+ return ret;
+
ret = createCursorHideCount(client, pWin->drawable.pScreen);
if (ret == Success) {
@@ -885,14 +901,16 @@ ProcXFixesShowCursor (ClientPtr client)
{
WindowPtr pWin;
CursorHideCountPtr pChc;
+ int rc;
REQUEST(xXFixesShowCursorReq);
REQUEST_SIZE_MATCH (xXFixesShowCursorReq);
- pWin = (WindowPtr) LookupIDByType (stuff->window, RT_WINDOW);
- if (!pWin) {
+ rc = dixLookupResource((pointer *)&pWin, stuff->window, RT_WINDOW,
+ client, DixGetAttrAccess);
+ if (rc != Success) {
client->errorValue = stuff->window;
- return BadWindow;
+ return (rc == BadValue) ? BadWindow : rc;
}
/*
@@ -904,6 +922,11 @@ ProcXFixesShowCursor (ClientPtr client)
return BadMatch;
}
+ rc = XaceHook(XACE_SCREEN_ACCESS, client, pWin->drawable.pScreen,
+ DixShowAccess);
+ if (rc != Success)
+ return rc;
+
pChc->hideCount--;
if (pChc->hideCount <= 0) {
FreeResource(pChc->resource, 0);
diff --git a/xfixes/region.c b/xfixes/region.c
index d4316be..d90b1e0 100755
--- a/xfixes/region.c
+++ b/xfixes/region.c
@@ -109,18 +109,18 @@ ProcXFixesCreateRegionFromBitmap (Client
{
RegionPtr pRegion;
PixmapPtr pPixmap;
+ int rc;
REQUEST (xXFixesCreateRegionFromBitmapReq);
REQUEST_SIZE_MATCH (xXFixesCreateRegionFromBitmapReq);
LEGAL_NEW_RESOURCE (stuff->region, client);
- pPixmap = (PixmapPtr) SecurityLookupIDByType (client, stuff->bitmap,
- RT_PIXMAP,
- DixReadAccess);
- if (!pPixmap)
+ rc = dixLookupResource((pointer *)&pPixmap, stuff->bitmap, RT_PIXMAP,
+ client, DixReadAccess);
+ if (rc != Success)
{
client->errorValue = stuff->bitmap;
- return BadPixmap;
+ return (rc == BadValue) ? BadPixmap : rc;
}
if (pPixmap->drawable.depth != 1)
return BadMatch;
@@ -155,15 +155,17 @@ ProcXFixesCreateRegionFromWindow (Client
RegionPtr pRegion;
Bool copy = TRUE;
WindowPtr pWin;
+ int rc;
REQUEST (xXFixesCreateRegionFromWindowReq);
REQUEST_SIZE_MATCH (xXFixesCreateRegionFromWindowReq);
LEGAL_NEW_RESOURCE (stuff->region, client);
- pWin = (WindowPtr) LookupIDByType (stuff->window, RT_WINDOW);
- if (!pWin)
+ rc = dixLookupResource((pointer *)&pWin, stuff->window, RT_WINDOW,
+ client, DixGetAttrAccess);
+ if (rc != Success)
{
client->errorValue = stuff->window;
- return BadWindow;
+ return (rc == BadValue) ? BadWindow : rc;
}
switch (stuff->kind) {
case WindowRegionBounding:
@@ -224,7 +226,7 @@ ProcXFixesCreateRegionFromGC (ClientPtr
REQUEST_SIZE_MATCH (xXFixesCreateRegionFromGCReq);
LEGAL_NEW_RESOURCE (stuff->region, client);
- rc = dixLookupGC(&pGC, stuff->gc, client, DixReadAccess);
+ rc = dixLookupGC(&pGC, stuff->gc, client, DixGetAttrAccess);
if (rc != Success)
return rc;
@@ -274,7 +276,7 @@ ProcXFixesCreateRegionFromPicture (Clien
REQUEST_SIZE_MATCH (xXFixesCreateRegionFromPictureReq);
LEGAL_NEW_RESOURCE (stuff->region, client);
- VERIFY_PICTURE(pPicture, stuff->picture, client, DixReadAccess,
+ VERIFY_PICTURE(pPicture, stuff->picture, client, DixGetAttrAccess,
RenderErrBase + BadPicture);
switch (pPicture->clientClipType) {
@@ -635,7 +637,7 @@ ProcXFixesSetGCClipRegion (ClientPtr cli
REQUEST(xXFixesSetGCClipRegionReq);
REQUEST_SIZE_MATCH(xXFixesSetGCClipRegionReq);
- rc = dixLookupGC(&pGC, stuff->gc, client, DixWriteAccess);
+ rc = dixLookupGC(&pGC, stuff->gc, client, DixSetAttrAccess);
if (rc != Success)
return rc;
@@ -681,14 +683,16 @@ ProcXFixesSetWindowShapeRegion (ClientPt
ScreenPtr pScreen;
RegionPtr pRegion;
RegionPtr *pDestRegion;
+ int rc;
REQUEST(xXFixesSetWindowShapeRegionReq);
REQUEST_SIZE_MATCH(xXFixesSetWindowShapeRegionReq);
- pWin = (WindowPtr) LookupIDByType (stuff->dest, RT_WINDOW);
- if (!pWin)
+ rc = dixLookupResource((pointer *)&pWin, stuff->dest, RT_WINDOW,
+ client, DixSetAttrAccess);
+ if (rc != Success)
{
client->errorValue = stuff->dest;
- return BadWindow;
+ return (rc == BadValue) ? BadWindow : rc;
}
VERIFY_REGION_OR_NONE(pRegion, stuff->region, client, DixWriteAccess);
pScreen = pWin->drawable.pScreen;
@@ -780,7 +784,7 @@ ProcXFixesSetPictureClipRegion (ClientPt
REQUEST(xXFixesSetPictureClipRegionReq);
REQUEST_SIZE_MATCH (xXFixesSetPictureClipRegionReq);
- VERIFY_PICTURE(pPicture, stuff->picture, client, DixWriteAccess,
+ VERIFY_PICTURE(pPicture, stuff->picture, client, DixSetAttrAccess,
RenderErrBase + BadPicture);
pScreen = pPicture->pDrawable->pScreen;
ps = GetPictureScreen (pScreen);
diff --git a/xfixes/saveset.c b/xfixes/saveset.c
index 8d66843..e6e2976 100755
--- a/xfixes/saveset.c
+++ b/xfixes/saveset.c
@@ -35,7 +35,7 @@ ProcXFixesChangeSaveSet(ClientPtr client
REQUEST(xXFixesChangeSaveSetReq);
REQUEST_SIZE_MATCH(xXFixesChangeSaveSetReq);
- result = dixLookupWindow(&pWin, stuff->window, client, DixReadAccess);
+ result = dixLookupWindow(&pWin, stuff->window, client, DixManageAccess);
if (result != Success)
return result;
if (client->clientAsMask == (CLIENT_BITS(pWin->drawable.id)))
diff --git a/xfixes/select.c b/xfixes/select.c
index c007680..9de152f 100755
--- a/xfixes/select.c
+++ b/xfixes/select.c
@@ -25,6 +25,7 @@
#endif
#include "xfixesint.h"
+#include "xace.h"
static RESTYPE SelectionClientType, SelectionWindowType;
static Bool SelectionCallbackRegistered = FALSE;
@@ -131,8 +132,14 @@ XFixesSelectSelectionInput (ClientPtr pC
WindowPtr pWindow,
CARD32 eventMask)
{
+ int rc;
SelectionEventPtr *prev, e;
+ rc = XaceHook(XACE_SELECTION_ACCESS, pClient, selection, NULL,
+ DixGetAttrAccess);
+ if (rc != Success)
+ return rc;
+
for (prev = &selectionEvents; (e = *prev); prev = &e->next)
{
if (e->selection == selection &&
@@ -196,7 +203,7 @@ ProcXFixesSelectSelectionInput (ClientPt
int rc;
REQUEST_SIZE_MATCH (xXFixesSelectSelectionInputReq);
- rc = dixLookupWindow(&pWin, stuff->window, client, DixReadAccess);
+ rc = dixLookupWindow(&pWin, stuff->window, client, DixSetAttrAccess);
if (rc != Success)
return rc;
if (stuff->eventMask & ~SelectionAllEvents)