xserver: Branch 'XACE-modular' - 8 commits
Eamon Walsh
ewalsh at kemper.freedesktop.org
Fri Aug 25 15:29:54 PDT 2006
Xext/security.c | 53 ++++++++++++++--------------
Xext/xace.c | 83 ++++++++++-----------------------------------
Xext/xace.h | 33 +++--------------
Xext/xacestr.h | 32 +++++++----------
dix/dispatch.c | 22 ++++++++++-
dix/events.c | 4 ++
dix/extension.c | 42 ++++++++++++++++++++--
dix/main.c | 1
dix/privates.c | 58 +++++++++++++++++++++++++++++++
dix/resource.c | 61 ++-------------------------------
dix/window.c | 8 ++++
hw/xfree86/loader/dixsym.c | 4 +-
include/dixstruct.h | 3 -
include/extension.h | 8 ++++
include/extnsionst.h | 5 +-
include/resource.h | 11 -----
16 files changed, 208 insertions(+), 220 deletions(-)
New commits:
diff-tree 13c6713c82763a85c725c998b37ad02156d803ba (from 52ba722e4c89c052609b4fc62e965d92778aa2dd)
Author: Eamon Walsh <ewalsh at tycho.nsa.gov>
Date: Fri Aug 25 18:17:01 2006 -0400
Add four new XACE hooks: auditing, key event notification, window init
diff --git a/Xext/xace.c b/Xext/xace.c
index 29853b3..44aaa42 100644
--- a/Xext/xace.c
+++ b/Xext/xace.c
@@ -169,6 +169,39 @@ int XaceHook(int hook, ...)
calldata = &rec;
break;
}
+ case XACE_KEY_AVAIL: {
+ XaceKeyAvailRec rec = {
+ va_arg(ap, xEventPtr),
+ va_arg(ap, DeviceIntPtr),
+ va_arg(ap, int)
+ };
+ calldata = &rec;
+ break;
+ }
+ case XACE_WINDOW_INIT: {
+ XaceWindowRec rec = {
+ va_arg(ap, ClientPtr),
+ va_arg(ap, WindowPtr)
+ };
+ calldata = &rec;
+ break;
+ }
+ case XACE_AUDIT_BEGIN: {
+ XaceAuditRec rec = {
+ va_arg(ap, ClientPtr),
+ 0
+ };
+ calldata = &rec;
+ break;
+ }
+ case XACE_AUDIT_END: {
+ XaceAuditRec rec = {
+ va_arg(ap, ClientPtr),
+ va_arg(ap, int)
+ };
+ calldata = &rec;
+ break;
+ }
default: {
va_end(ap);
return 0; /* unimplemented hook number */
diff --git a/Xext/xace.h b/Xext/xace.h
index 68f6dd4..6cb4b4f 100644
--- a/Xext/xace.h
+++ b/Xext/xace.h
@@ -46,7 +46,11 @@ CONNECTION WITH THE SOFTWARE OR THE USE
#define XACE_SITE_POLICY 10
#define XACE_DECLARE_EXT_SECURE 11
#define XACE_AUTH_AVAIL 12
-#define XACE_NUM_HOOKS 13
+#define XACE_KEY_AVAIL 13
+#define XACE_WINDOW_INIT 14
+#define XACE_AUDIT_BEGIN 15
+#define XACE_AUDIT_END 16
+#define XACE_NUM_HOOKS 17
extern CallbackListPtr XaceHooks[XACE_NUM_HOOKS];
diff --git a/Xext/xacestr.h b/Xext/xacestr.h
index a01bf4a..7114d06 100644
--- a/Xext/xacestr.h
+++ b/Xext/xacestr.h
@@ -112,4 +112,24 @@ typedef struct {
XID authId;
} XaceAuthAvailRec;
+/* XACE_KEY_AVAIL */
+typedef struct {
+ xEventPtr event;
+ DeviceIntPtr keybd;
+ int count;
+} XaceKeyAvailRec;
+
+/* XACE_WINDOW_INIT */
+typedef struct {
+ ClientPtr client;
+ WindowPtr pWin;
+} XaceWindowRec;
+
+/* XACE_AUDIT_BEGIN */
+/* XACE_AUDIT_END */
+typedef struct {
+ ClientPtr client;
+ int requestResult;
+} XaceAuditRec;
+
#endif /* _XACESTR_H */
diff --git a/dix/dispatch.c b/dix/dispatch.c
index 95331f1..aa67dc4 100644
--- a/dix/dispatch.c
+++ b/dix/dispatch.c
@@ -451,7 +451,15 @@ Dispatch(void)
if (result > (maxBigRequestSize << 2))
result = BadLength;
else
+#ifdef XACE
+ {
+ XaceHook(XACE_AUDIT_BEGIN, client);
result = (* client->requestVector[MAJOROP])(client);
+ XaceHook(XACE_AUDIT_END, client, result);
+ }
+#else
+ result = (* client->requestVector[MAJOROP])(client);
+#endif /* XACE */
if (result != Success)
{
diff --git a/dix/events.c b/dix/events.c
index c00a000..c57a30e 100644
--- a/dix/events.c
+++ b/dix/events.c
@@ -2846,6 +2846,10 @@ drawable.id:0;
DeliverFocusedEvent(keybd, xE, sprite.win, count);
if (deactivateGrab)
(*keybd->DeactivateGrab)(keybd);
+
+#ifdef XACE
+ XaceHook(XACE_KEY_AVAIL, xE, keybd, count);
+#endif
}
#ifdef XKB
diff --git a/dix/window.c b/dix/window.c
index d710d07..3dfeda3 100644
--- a/dix/window.c
+++ b/dix/window.c
@@ -530,6 +530,10 @@ InitRootWindow(WindowPtr pWin)
/* We SHOULD check for an error value here XXX */
(*pScreen->ChangeWindowAttributes)(pWin, backFlag);
+#ifdef XACE
+ XaceHook(XACE_WINDOW_INIT, serverClient, pWin);
+#endif
+
MapWindow(pWin, serverClient);
}
@@ -762,6 +766,10 @@ CreateWindow(Window wid, register Window
REGION_NULL(pScreen, &pWin->winSize);
REGION_NULL(pScreen, &pWin->borderSize);
+#ifdef XACE
+ XaceHook(XACE_WINDOW_INIT, client, pWin);
+#endif
+
pHead = RealChildHead(pParent);
if (pHead)
{
diff-tree 52ba722e4c89c052609b4fc62e965d92778aa2dd (from parents)
Merge: 9138d5a51e411f598bc0e75a3e73d2c16187a518 05541259bdb0dfaab015a01caa3722b7a1b782e2
Author: Eamon Walsh <ewalsh at tycho.nsa.gov>
Date: Mon Aug 21 18:49:31 2006 -0400
Merge branch 'XACE-modular' into my-XACE-modular
diff-tree 9138d5a51e411f598bc0e75a3e73d2c16187a518 (from 45c229f526bf1dafb5e81b50d700449ba4e1613d)
Author: Eamon Walsh <ewalsh at tycho.nsa.gov>
Date: Thu Aug 3 18:24:04 2006 -0400
Make SecurityLookupIDBy* part of the base functionality.
diff --git a/dix/resource.c b/dix/resource.c
index abe79de..669739e 100644
--- a/dix/resource.c
+++ b/dix/resource.c
@@ -824,8 +824,6 @@ LegalNewID(XID id, register ClientPtr cl
!LookupIDByClass(id, RC_ANY)));
}
-#ifdef XACE
-
/* SecurityLookupIDByType and SecurityLookupIDByClass:
* These are the heart of the resource ID security system. They take
* two additional arguments compared to the old LookupID functions:
@@ -841,10 +839,6 @@ SecurityLookupIDByType(ClientPtr client,
register ResourcePtr res;
pointer retval = NULL;
- assert(client == NullClient ||
- (client->index <= currentMaxClients && clients[client->index] == client));
- assert( (rtype & TypeMask) <= lastResourceType);
-
if (((cid = CLIENT_ID(id)) < MAXCLIENTS) &&
clientTable[cid].buckets)
{
@@ -857,9 +851,11 @@ SecurityLookupIDByType(ClientPtr client,
break;
}
}
+#ifdef XACE
if (retval && client &&
!XaceHook(XACE_RESOURCE_ACCESS, client, id, rtype, mode, retval))
retval = NULL;
+#endif
return retval;
}
@@ -871,10 +867,6 @@ SecurityLookupIDByClass(ClientPtr client
register ResourcePtr res = NULL;
pointer retval = NULL;
- assert(client == NullClient ||
- (client->index <= currentMaxClients && clients[client->index] == client));
- assert (classes >= lastResourceClass);
-
if (((cid = CLIENT_ID(id)) < MAXCLIENTS) &&
clientTable[cid].buckets)
{
@@ -887,9 +879,11 @@ SecurityLookupIDByClass(ClientPtr client
break;
}
}
+#ifdef XACE
if (retval && client &&
!XaceHook(XACE_RESOURCE_ACCESS, client, id, res->type, mode, retval))
retval = NULL;
+#endif
return retval;
}
@@ -910,50 +904,3 @@ LookupIDByClass(XID id, RESTYPE classes)
return SecurityLookupIDByClass(NullClient, id, classes,
SecurityUnknownAccess);
}
-
-#else /* not XACE */
-
-/*
- * LookupIDByType returns the object with the given id and type, else NULL.
- */
-pointer
-LookupIDByType(XID id, RESTYPE rtype)
-{
- int cid;
- register ResourcePtr res;
-
- if (((cid = CLIENT_ID(id)) < MAXCLIENTS) &&
- clientTable[cid].buckets)
- {
- res = clientTable[cid].resources[Hash(cid, id)];
-
- for (; res; res = res->next)
- if ((res->id == id) && (res->type == rtype))
- return res->value;
- }
- return (pointer)NULL;
-}
-
-/*
- * LookupIDByClass returns the object with the given id and any one of the
- * given classes, else NULL.
- */
-pointer
-LookupIDByClass(XID id, RESTYPE classes)
-{
- int cid;
- register ResourcePtr res;
-
- if (((cid = CLIENT_ID(id)) < MAXCLIENTS) &&
- clientTable[cid].buckets)
- {
- res = clientTable[cid].resources[Hash(cid, id)];
-
- for (; res; res = res->next)
- if ((res->id == id) && (res->type & classes))
- return res->value;
- }
- return (pointer)NULL;
-}
-
-#endif /* XACE */
diff --git a/hw/xfree86/loader/dixsym.c b/hw/xfree86/loader/dixsym.c
index dba2cc4..d30848a 100644
--- a/hw/xfree86/loader/dixsym.c
+++ b/hw/xfree86/loader/dixsym.c
@@ -285,10 +285,8 @@ _X_HIDDEN void *dixLookupTab[] = {
SYMFUNC(LookupIDByType)
SYMFUNC(LookupIDByClass)
SYMFUNC(LegalNewID)
-#ifdef XACE
SYMFUNC(SecurityLookupIDByClass)
SYMFUNC(SecurityLookupIDByType)
-#endif
SYMFUNC(FindClientResourcesByType)
SYMFUNC(FindAllClientResources)
SYMVAR(lastResourceType)
diff --git a/include/resource.h b/include/resource.h
index c08998c..613b50a 100644
--- a/include/resource.h
+++ b/include/resource.h
@@ -227,8 +227,6 @@ extern pointer LookupClientResourceCompl
#define SecurityWriteAccess (1<<1) /* changing the object */
#define SecurityDestroyAccess (1<<2) /* destroying the object */
-#ifdef XACE
-
extern pointer SecurityLookupIDByType(
ClientPtr /*client*/,
XID /*id*/,
@@ -241,15 +239,6 @@ extern pointer SecurityLookupIDByClass(
RESTYPE /*classes*/,
Mask /*access_mode*/);
-#else /* not XACE */
-
-#define SecurityLookupIDByType(client, id, rtype, access_mode) \
- LookupIDByType(id, rtype)
-
-#define SecurityLookupIDByClass(client, id, classes, access_mode) \
- LookupIDByClass(id, classes)
-
-#endif /* XACE */
extern void GetXIDRange(
int /*client*/,
diff-tree 45c229f526bf1dafb5e81b50d700449ba4e1613d (from 96e45626c43b7674b66e0258b0b1730d5ce71357)
Author: Eamon Walsh <ewalsh at tycho.nsa.gov>
Date: Thu Aug 3 14:26:06 2006 -0400
Remove LBX code.
diff --git a/Xext/xace.c b/Xext/xace.c
index eb9540a..29853b3 100644
--- a/Xext/xace.c
+++ b/Xext/xace.c
@@ -169,36 +169,6 @@ int XaceHook(int hook, ...)
calldata = &rec;
break;
}
-#ifdef LBX
- case XACE_LBX_EXT_ACCESS: {
- XaceLbxExtAccessRec rec = {
- va_arg(ap, ClientPtr),
- va_arg(ap, LbxExtensionEntry*),
- TRUE /* default allow */
- };
- calldata = &rec;
- prv = &rec.rval;
- break;
- }
- case XACE_DECLARE_LBX_EXT_SECURE: {
- XaceDeclareLbxExtSecureRec rec = {
- va_arg(ap, LbxExtensionEntry*),
- va_arg(ap, Bool)
- };
- calldata = &rec;
- break;
- }
- case XACE_LBX_PROXY_ACCESS: {
- XaceLbxProxyAccessRec rec = {
- va_arg(ap, ClientPtr),
- va_arg(ap, XID),
- TRUE /* default allow */
- };
- calldata = &rec;
- prv = &rec.rval;
- break;
- }
-#endif
default: {
va_end(ap);
return 0; /* unimplemented hook number */
diff --git a/Xext/xace.h b/Xext/xace.h
index 8c06956..68f6dd4 100644
--- a/Xext/xace.h
+++ b/Xext/xace.h
@@ -46,14 +46,7 @@ CONNECTION WITH THE SOFTWARE OR THE USE
#define XACE_SITE_POLICY 10
#define XACE_DECLARE_EXT_SECURE 11
#define XACE_AUTH_AVAIL 12
-#ifndef LBX
#define XACE_NUM_HOOKS 13
-#else /* LBX */
-#define XACE_LBX_EXT_ACCESS 13
-#define XACE_DECLARE_LBX_EXT_SECURE 14
-#define XACE_LBX_PROXY_ACCESS 15
-#define XACE_NUM_HOOKS 16
-#endif
extern CallbackListPtr XaceHooks[XACE_NUM_HOOKS];
@@ -64,9 +57,7 @@ extern int XaceHook(
... /*appropriate args for hook*/
);
-/* Register a callback for a given hook. Extensions do not
- * need to register themselves with XACERegisterExtension()
- * to do this.
+/* Register a callback for a given hook.
*/
#define XaceRegisterCallback(hook,callback,data) \
AddCallback(XaceHooks+(hook), callback, data)
diff --git a/Xext/xacestr.h b/Xext/xacestr.h
index d460715..a01bf4a 100644
--- a/Xext/xacestr.h
+++ b/Xext/xacestr.h
@@ -28,9 +28,6 @@ CONNECTION WITH THE SOFTWARE OR THE USE
#include "windowstr.h"
#include "inputstr.h"
#include "xace.h"
-#ifdef LBX
-#include "lbxserve.h" /* for LbxExtensionEntry */
-#endif
/* XACE_CORE_DISPATCH */
typedef struct {
@@ -115,27 +112,4 @@ typedef struct {
XID authId;
} XaceAuthAvailRec;
-#ifdef LBX
-/* XACE_LBX_EXT_ACCESS */
-typedef struct {
- ClientPtr client;
- LbxExtensionEntry *ext;
- int rval;
-} XaceLbxExtAccessRec;
-
-/* XACE_DECLARE_LBX_EXT_SECURE */
-typedef struct {
- LbxExtensionEntry *ext;
- Bool secure;
-} XaceDeclareLbxExtSecureRec;
-
-/* XACE_LBX_PROXY_ACCESS */
-typedef struct {
- ClientPtr client;
- XID authId;
- int rval;
-} XaceLbxProxyAccessRec;
-
-#endif /* LBX */
-
#endif /* _XACESTR_H */
diff-tree 96e45626c43b7674b66e0258b0b1730d5ce71357 (from 3c23dec5962b8b81ae838fe0ee2c7b0a789f5386)
Author: Eamon Walsh <ewalsh at tycho.nsa.gov>
Date: Wed Aug 2 20:29:59 2006 -0400
Rebase Security extension to use devPrivates for storing security state.
diff --git a/Xext/security.c b/Xext/security.c
index b96ac28..2c34153 100644
--- a/Xext/security.c
+++ b/Xext/security.c
@@ -62,7 +62,8 @@ in this Software without prior written a
static int SecurityErrorBase; /* first Security error number */
static int SecurityEventBase; /* first Security event number */
-static int slot; /* Xace security state number */
+static int securityClientPrivateIndex;
+static int securityExtnsnPrivateIndex;
/* this is what we store as client security state */
typedef struct {
@@ -70,9 +71,14 @@ typedef struct {
XID authId;
} SecurityClientStateRec;
-#define STATEPTR(obj) ((obj)->securityState[slot])
-#define TRUSTLEVEL(obj) (((SecurityClientStateRec*)STATEPTR(obj))->trustLevel)
-#define AUTHID(obj) (((SecurityClientStateRec*)STATEPTR(obj))->authId)
+#define STATEVAL(extnsn) \
+ ((extnsn)->devPrivates[securityExtnsnPrivateIndex].val)
+#define STATEPTR(client) \
+ ((client)->devPrivates[securityClientPrivateIndex].ptr)
+#define TRUSTLEVEL(client) \
+ (((SecurityClientStateRec*)STATEPTR(client))->trustLevel)
+#define AUTHID(client) \
+ (((SecurityClientStateRec*)STATEPTR(client))->authId)
CallbackListPtr SecurityValidateGroupCallback = NULL; /* see security.h */
@@ -1118,6 +1124,11 @@ CALLBACK(SecurityClientStateCallback)
switch (client->clientState)
{
+ case ClientStateInitial:
+ TRUSTLEVEL(serverClient) = XSecurityClientTrusted;
+ AUTHID(serverClient) = None;
+ break;
+
case ClientStateRunning:
{
XID authId = AuthorizationIDOfClient(client);
@@ -1148,7 +1159,6 @@ CALLBACK(SecurityClientStateCallback)
case ClientStateRetained: /* client disconnected */
{
SecurityAuthorizationPtr pAuth;
- pointer freeit;
/* client may not have any state (bad authorization) */
if (!STATEPTR(client))
@@ -1164,10 +1174,6 @@ CALLBACK(SecurityClientStateCallback)
SecurityStartAuthorizationTimer(pAuth);
}
}
- /* free security state */
- freeit = STATEPTR(client);
- STATEPTR(client) = NULL;
- xfree(freeit);
break;
}
default: break;
@@ -1208,7 +1214,7 @@ CALLBACK(SecurityCheckExtAccess)
XaceExtAccessRec *rec = (XaceExtAccessRec*)calldata;
if ((TRUSTLEVEL(rec->client) != XSecurityClientTrusted) &&
- !STATEPTR(rec->ext))
+ !STATEVAL(rec->ext))
rec->rval = FALSE;
}
@@ -1234,7 +1240,7 @@ CALLBACK(SecurityDeclareExtSecure)
XaceDeclareExtSecureRec *rec = (XaceDeclareExtSecureRec*)calldata;
/* security state for extensions is simply a boolean trust value */
- STATEPTR(rec->ext) = (pointer)rec->secure;
+ STATEVAL(rec->ext) = rec->secure;
}
/**********************************************************************/
@@ -1842,10 +1848,6 @@ static void
SecurityResetProc(
ExtensionEntry *extEntry)
{
- pointer freeit = STATEPTR(serverClient);
- STATEPTR(serverClient) = NULL;
- xfree(freeit);
- XaceUnregisterExtension(slot);
SecurityFreePropertyAccessList();
SecurityFreeSitePolicyStrings();
} /* SecurityResetProc */
@@ -1882,13 +1884,16 @@ XSecurityOptions(argc, argv, i)
void
SecurityExtensionSetup(INITARGS)
{
- /* allocate space for security state (freed in SecurityResetProc) */
- STATEPTR(serverClient) = xalloc(sizeof(SecurityClientStateRec));
- if (!STATEPTR(serverClient))
- FatalError("serverClient: couldn't allocate security state\n");
-
- TRUSTLEVEL(serverClient) = XSecurityClientTrusted;
- AUTHID(serverClient) = None;
+ /* Allocate the client private index */
+ securityClientPrivateIndex = AllocateClientPrivateIndex();
+ if (!AllocateClientPrivate(securityClientPrivateIndex,
+ sizeof (SecurityClientStateRec)))
+ FatalError("SecurityExtensionSetup: Can't allocate client private.\n");
+
+ /* Allocate the extension private index */
+ securityExtnsnPrivateIndex = AllocateExtensionPrivateIndex();
+ if (!AllocateExtensionPrivate(securityExtnsnPrivateIndex, 0))
+ FatalError("SecurityExtensionSetup: Can't allocate extnsn private.\n");
/* register callbacks */
#define XaceRC XaceRegisterCallback
@@ -1934,10 +1939,6 @@ SecurityExtensionInit(INITARGS)
if (!AddCallback(&ClientStateCallback, SecurityClientStateCallback, NULL))
return;
- slot = XaceRegisterExtension(SECURITY_EXTENSION_NAME);
- if (slot < 0)
- return;
-
extEntry = AddExtension(SECURITY_EXTENSION_NAME,
XSecurityNumberEvents, XSecurityNumberErrors,
ProcSecurityDispatch, SProcSecurityDispatch,
diff --git a/Xext/xace.c b/Xext/xace.c
index 75fb8a3..eb9540a 100644
--- a/Xext/xace.c
+++ b/Xext/xace.c
@@ -26,9 +26,6 @@ CONNECTION WITH THE SOFTWARE OR THE USE
CallbackListPtr XaceHooks[XACE_NUM_HOOKS] = {0};
-static Bool stateSlotsUsed[XACE_STATE_SLOTS] = {0};
-static char *stateExtNames[XACE_STATE_SLOTS] = {0};
-
/* Proc vectors for untrusted clients, swapped and unswapped versions.
* These are the same as the normal proc vectors except that extensions
* that haven't declared themselves secure will have ProcBadRequest plugged
@@ -43,43 +40,6 @@ int (*SwappedUntrustedProcVector[256])(
ClientPtr /*client*/
);
-/* Register with the security module, which allows an extension to store
- * security state. The return value is the index which should be passed
- * to the state macros, or -1 if no more slots are available.
- */
-int XaceRegisterExtension(name)
- char *name;
-{
- int i;
- for (i=0; i<XACE_STATE_SLOTS; i++)
- if (!stateSlotsUsed[i])
- {
- /* save the extension name */
- if (name) {
- stateExtNames[i] = (char*)xalloc(strlen(name)+1);
- if (!stateExtNames[i])
- return -1;
- memcpy(stateExtNames[i], name, strlen(name)+1);
- }
- stateSlotsUsed[i] = TRUE;
- return i;
- }
- return -1; /* no slots free */
-}
-
-/* Unregister an extension. Pass the index returned at registration time.
- */
-void XaceUnregisterExtension(idx)
- int idx; /* state index */
-{
- /* free the extension name */
- if (stateExtNames[idx]) {
- xfree(stateExtNames[idx]);
- stateExtNames[idx] = NULL;
- }
- stateSlotsUsed[idx] = FALSE;
-}
-
/* Entry point for hook functions. Called by Xserver.
*/
int XaceHook(int hook, ...)
@@ -296,14 +256,6 @@ XaceResetProc(ExtensionEntry *extEntry)
DeleteCallbackList(&XaceHooks[i]);
XaceHooks[i] = NULL;
}
-
- for (i=0; i<XACE_STATE_SLOTS; i++)
- {
- if (stateExtNames[i])
- xfree(stateExtNames[i]);
- stateExtNames[i] = NULL;
- stateSlotsUsed[i] = FALSE;
- }
} /* XaceResetProc */
diff --git a/Xext/xace.h b/Xext/xace.h
index d7fb0c3..8c06956 100644
--- a/Xext/xace.h
+++ b/Xext/xace.h
@@ -30,10 +30,6 @@ CONNECTION WITH THE SOFTWARE OR THE USE
#define XaceNumberEvents 0
#define XaceNumberErrors 0
-/* security state */
-#define XACE_STATE_SLOTS 4
-#define XACE_STATE_INIT(ary) memset(ary, 0, sizeof(ary))
-
/* security hooks */
/* Constants used to identify the available security hooks
*/
@@ -81,18 +77,6 @@ extern int XaceHook(
DeleteCallback(XaceHooks+(hook), callback, data)
-/* extension registration */
-
-/* Register with the security module, which allows an extension to store
- * security state. Pass the name of the calling extension. Returns the
- * index number for the state macros or -1 if no more slots are available.
- */
-extern int XaceRegisterExtension(char *);
-
-/* Unregister an extension. Pass the index returned at registration time.
- */
-extern void XaceUnregisterExtension(int);
-
/* From the original Security extension...
*/
diff --git a/dix/dispatch.c b/dix/dispatch.c
index a717fbd..b094e70 100644
--- a/dix/dispatch.c
+++ b/dix/dispatch.c
@@ -3647,9 +3647,6 @@ void InitClient(ClientPtr client, int i,
}
#endif
client->replyBytesRemaining = 0;
-#ifdef XACE
- XACE_STATE_INIT(client->securityState);
-#endif
#ifdef XAPPGROUP
client->appgroup = NULL;
#endif
diff --git a/dix/extension.c b/dix/extension.c
index 40e1373..46b7e14 100644
--- a/dix/extension.c
+++ b/dix/extension.c
@@ -131,6 +131,7 @@ AddExtension(char *name, int NumEvents,
ext = (ExtensionEntry *) xalloc(totalExtensionSize);
if (!ext || !InitExtensionPrivates(ext))
return((ExtensionEntry *) NULL);
+ bzero(ext, totalExtensionSize);
ext->name = (char *)xalloc(strlen(name) + 1);
ext->num_aliases = 0;
ext->aliases = (char **)NULL;
@@ -180,9 +181,6 @@ AddExtension(char *name, int NumEvents,
ext->errorBase = 0;
ext->errorLast = 0;
}
-#ifdef XACE
- XACE_STATE_INIT(ext->securityState);
-#endif
return(ext);
}
diff --git a/include/dixstruct.h b/include/dixstruct.h
index 1ac7d84..a6f6749 100644
--- a/include/dixstruct.h
+++ b/include/dixstruct.h
@@ -130,9 +130,6 @@ typedef struct _Client {
int requestLogIndex;
#endif
unsigned long replyBytesRemaining;
-#ifdef XACE
- pointer securityState[4]; /* 4 slots for use */
-#endif
#ifdef XAPPGROUP
struct _AppGroupRec* appgroup;
#endif
diff --git a/include/extnsionst.h b/include/extnsionst.h
index 35aa97e..e28732f 100644
--- a/include/extnsionst.h
+++ b/include/extnsionst.h
@@ -72,9 +72,6 @@ typedef struct _ExtensionEntry {
unsigned short (* MinorOpcode)( /* called for errors */
ClientPtr /* client */);
DevUnion *devPrivates;
-#ifdef XACE
- pointer securityState[4]; /* 4 slots for use */
-#endif
} ExtensionEntry;
/*
diff-tree 3c23dec5962b8b81ae838fe0ee2c7b0a789f5386 (from f737cc38baea6af8bf284c9e207e60a7d90eebe1)
Author: Eamon Walsh <ewalsh at tycho.nsa.gov>
Date: Wed Aug 2 13:39:49 2006 -0400
Call ClientStateCallback on serverClient devPrivates initialization.
diff --git a/dix/dispatch.c b/dix/dispatch.c
index a754a2f..a717fbd 100644
--- a/dix/dispatch.c
+++ b/dix/dispatch.c
@@ -3698,6 +3698,17 @@ InitClientPrivates(ClientPtr client)
else
ppriv->ptr = (pointer)NULL;
}
+
+ /* Allow registrants to initialize the serverClient devPrivates */
+ if (!client->index && ClientStateCallback)
+ {
+ NewClientInfoRec clientinfo;
+
+ clientinfo.client = client;
+ clientinfo.prefix = (xConnSetupPrefix *)NULL;
+ clientinfo.setup = (xConnSetup *) NULL;
+ CallCallbacks((&ClientStateCallback), (pointer)&clientinfo);
+ }
return 1;
}
diff-tree f737cc38baea6af8bf284c9e207e60a7d90eebe1 (from b04d64854712678701d5243aacf5cc93444cfadc)
Author: Eamon Walsh <ewalsh at moss-uranus.epoch.ncsc.mil>
Date: Mon Jul 31 19:58:42 2006 -0400
Adding devPrivates support to the ExtensionEntry structure.
diff --git a/hw/xfree86/loader/dixsym.c b/hw/xfree86/loader/dixsym.c
index 0963bef..dba2cc4 100644
--- a/hw/xfree86/loader/dixsym.c
+++ b/hw/xfree86/loader/dixsym.c
@@ -256,6 +256,8 @@ _X_HIDDEN void *dixLookupTab[] = {
SYMFUNC(GetScratchPixmapHeader)
SYMFUNC(FreeScratchPixmapHeader)
/* privates.c */
+ SYMFUNC(AllocateExtensionPrivate)
+ SYMFUNC(AllocateExtensionPrivateIndex)
SYMFUNC(AllocateClientPrivate)
SYMFUNC(AllocateClientPrivateIndex)
SYMFUNC(AllocateGCPrivate)
diff --git a/include/extension.h b/include/extension.h
index c3d7c21..fb7d741 100644
--- a/include/extension.h
+++ b/include/extension.h
@@ -62,6 +62,12 @@ extern void EnableDisableExtensionError(
extern void ResetExtensionPrivates(void);
+extern int AllocateExtensionPrivateIndex(void);
+
+extern Bool AllocateExtensionPrivate(
+ int /*index*/,
+ unsigned /*amount*/);
+
extern void InitExtensions(int argc, char **argv);
extern void InitVisualWrap(void);
diff-tree b04d64854712678701d5243aacf5cc93444cfadc (from c0cb8d1fb80540e093da54da3ee2f55bdf139274)
Author: Eamon Walsh <ewalsh at moss-uranus.epoch.ncsc.mil>
Date: Mon Jul 31 19:35:08 2006 -0400
Added devPrivates support to the ExtensionEntry structure.
diff --git a/dix/extension.c b/dix/extension.c
index bb20ade..40e1373 100644
--- a/dix/extension.c
+++ b/dix/extension.c
@@ -78,6 +78,40 @@ int lastEvent = EXTENSION_EVENT_BASE;
static int lastError = FirstExtensionError;
static unsigned int NumExtensions = 0;
+extern int extensionPrivateLen;
+extern unsigned *extensionPrivateSizes;
+extern unsigned totalExtensionSize;
+
+static int
+InitExtensionPrivates(ExtensionEntry *ext)
+{
+ register char *ptr;
+ DevUnion *ppriv;
+ register unsigned *sizes;
+ register unsigned size;
+ register int i;
+
+ if (totalExtensionSize == sizeof(ExtensionEntry))
+ ppriv = (DevUnion *)NULL;
+ else
+ ppriv = (DevUnion *)(ext + 1);
+
+ ext->devPrivates = ppriv;
+ sizes = extensionPrivateSizes;
+ ptr = (char *)(ppriv + extensionPrivateLen);
+ for (i = extensionPrivateLen; --i >= 0; ppriv++, sizes++)
+ {
+ if ( (size = *sizes) )
+ {
+ ppriv->ptr = (pointer)ptr;
+ ptr += size;
+ }
+ else
+ ppriv->ptr = (pointer)NULL;
+ }
+ return 1;
+}
+
_X_EXPORT ExtensionEntry *
AddExtension(char *name, int NumEvents, int NumErrors,
int (*MainProc)(ClientPtr c1),
@@ -94,8 +128,8 @@ AddExtension(char *name, int NumEvents,
(unsigned)(lastError + NumErrors > LAST_ERROR))
return((ExtensionEntry *) NULL);
- ext = (ExtensionEntry *) xalloc(sizeof(ExtensionEntry));
- if (!ext)
+ ext = (ExtensionEntry *) xalloc(totalExtensionSize);
+ if (!ext || !InitExtensionPrivates(ext))
return((ExtensionEntry *) NULL);
ext->name = (char *)xalloc(strlen(name) + 1);
ext->num_aliases = 0;
diff --git a/dix/main.c b/dix/main.c
index 9d66a4f..e8039e9 100644
--- a/dix/main.c
+++ b/dix/main.c
@@ -357,6 +357,7 @@ main(int argc, char *argv[], char *envp[
InitAtoms();
InitEvents();
InitGlyphCaching();
+ ResetExtensionPrivates();
ResetClientPrivates();
ResetScreenPrivates();
ResetWindowPrivates();
diff --git a/dix/privates.c b/dix/privates.c
index 0c94ff5..f2ceaf8 100644
--- a/dix/privates.c
+++ b/dix/privates.c
@@ -45,6 +45,7 @@ from The Open Group.
#include "servermd.h"
#include "site.h"
#include "inputstr.h"
+#include "extnsionst.h"
/*
* See the Wrappers and devPrivates section in "Definition of the
@@ -53,6 +54,63 @@ from The Open Group.
*/
/*
+ * extension private machinery
+ */
+
+static int extensionPrivateCount;
+int extensionPrivateLen;
+unsigned *extensionPrivateSizes;
+unsigned totalExtensionSize;
+
+void
+ResetExtensionPrivates()
+{
+ extensionPrivateCount = 0;
+ extensionPrivateLen = 0;
+ xfree(extensionPrivateSizes);
+ extensionPrivateSizes = (unsigned *)NULL;
+ totalExtensionSize =
+ ((sizeof(ExtensionEntry) + sizeof(long) - 1) / sizeof(long)) * sizeof(long);
+}
+
+_X_EXPORT int
+AllocateExtensionPrivateIndex()
+{
+ return extensionPrivateCount++;
+}
+
+_X_EXPORT Bool
+AllocateExtensionPrivate(int index2, unsigned amount)
+{
+ unsigned oldamount;
+
+ /* Round up sizes for proper alignment */
+ amount = ((amount + (sizeof(long) - 1)) / sizeof(long)) * sizeof(long);
+
+ if (index2 >= extensionPrivateLen)
+ {
+ unsigned *nsizes;
+ nsizes = (unsigned *)xrealloc(extensionPrivateSizes,
+ (index2 + 1) * sizeof(unsigned));
+ if (!nsizes)
+ return FALSE;
+ while (extensionPrivateLen <= index2)
+ {
+ nsizes[extensionPrivateLen++] = 0;
+ totalExtensionSize += sizeof(DevUnion);
+ }
+ extensionPrivateSizes = nsizes;
+ }
+ oldamount = extensionPrivateSizes[index2];
+ if (amount > oldamount)
+ {
+ extensionPrivateSizes[index2] = amount;
+ totalExtensionSize += (amount - oldamount);
+ }
+ return TRUE;
+}
+
+/*
* client private machinery
*/
diff --git a/include/extension.h b/include/extension.h
index 613076d..c3d7c21 100644
--- a/include/extension.h
+++ b/include/extension.h
@@ -60,6 +60,8 @@ extern Bool EnableDisableExtension(char
extern void EnableDisableExtensionError(char *name, Bool enable);
+extern void ResetExtensionPrivates(void);
+
extern void InitExtensions(int argc, char **argv);
extern void InitVisualWrap(void);
diff --git a/include/extnsionst.h b/include/extnsionst.h
index a86e52c..35aa97e 100644
--- a/include/extnsionst.h
+++ b/include/extnsionst.h
@@ -50,6 +50,7 @@ SOFTWARE.
#ifndef EXTENSIONSTRUCT_H
#define EXTENSIONSTRUCT_H
+#include "dix.h"
#include "misc.h"
#include "screenint.h"
#include "extension.h"
@@ -70,6 +71,7 @@ typedef struct _ExtensionEntry {
pointer extPrivate;
unsigned short (* MinorOpcode)( /* called for errors */
ClientPtr /* client */);
+ DevUnion *devPrivates;
#ifdef XACE
pointer securityState[4]; /* 4 slots for use */
#endif
More information about the xorg-commit
mailing list