xserver: Branch 'XACE-SELINUX' - 5 commits
Eamon Walsh
ewalsh at kemper.freedesktop.org
Fri Mar 23 03:00:50 EET 2007
Xext/security.c | 10 ---
Xext/xace.c | 4 -
Xext/xacestr.h | 4 -
Xext/xselinux.c | 4 -
dix/property.c | 120 ++++++++++++++++++++++++++++-----------------
hw/xfree86/loader/dixsym.c | 1
include/Makefile.am | 1
include/dixaccess.h | 29 ++++++++++
include/property.h | 11 ++++
include/propertyst.h | 2
include/resource.h | 15 -----
11 files changed, 127 insertions(+), 74 deletions(-)
New commits:
diff-tree e1cc68add0bcdd5e0e4e15cf6ee8a3da136d3534 (from c9fb8a35332d101897607d8f06ed5a6512eac7cf)
Author: Eamon Walsh <ewalsh at tycho.nsa.gov>
Date: Thu Mar 22 17:33:16 2007 -0400
xace: drop the name argument from the property callback.
diff --git a/Xext/security.c b/Xext/security.c
index 00180b9..7ea032f 100644
--- a/Xext/security.c
+++ b/Xext/security.c
@@ -1708,7 +1708,7 @@ SecurityCheckPropertyAccess(CallbackList
XacePropertyAccessRec *rec = (XacePropertyAccessRec*)calldata;
ClientPtr client = rec->client;
WindowPtr pWin = rec->pWin;
- ATOM propertyName = rec->propertyName;
+ ATOM propertyName = rec->pProp->propertyName;
Mask access_mode = rec->access_mode;
PropertyAccessPtr pacl;
char action = SecurityDefaultAction;
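Review bot: `rec->pProp->propertyName` is read unconditionally, but pProp is not guaranteed non-NULL by every caller: the ProcDeleteProperty hunk in dix/property.c passes `FindProperty(pWin, stuff->property)` straight into the hook, and FindProperty returns NULL when the window has no such property, so a DeleteProperty request naming an unknown property would dereference NULL here and crash the server; the Xext/xselinux.c hunk (`NameForAtom(rec->pProp->propertyName)`) has the same problem. Because the read sits in the declaration block, split it: declare `ATOM propertyName;`, then after the declarations `if (!rec->pProp) return;` followed by `propertyName = rec->pProp->propertyName;` (an early return leaves rval at the default allow, which matches the no-op that deleting a missing property already is); alternatively the callers could skip the hook when the lookup fails. Whether the ProcGetProperty hunk can also reach this point with a NULL pProp is not visible in this diff. SecurityCheckPropertyAccess continues outside the hunk.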
diff --git a/Xext/xace.c b/Xext/xace.c
index 8e277ac..a3c4d42 100644
--- a/Xext/xace.c
+++ b/Xext/xace.c
@@ -96,7 +96,6 @@ int XaceHook(int hook, ...)
va_arg(ap, ClientPtr),
va_arg(ap, WindowPtr),
va_arg(ap, PropertyPtr),
- va_arg(ap, Atom),
va_arg(ap, Mask),
XaceAllowOperation /* default allow */
};
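Review bot: The XacePropertyAccessRec initializer fills its fields with consecutive `va_arg(ap, ...)` calls, and C leaves the order in which side effects of initialization-list expressions occur unspecified (C99 6.7.8p23), so nothing guarantees the variadic arguments are consumed in field order; common compilers do evaluate left to right, but the code should not depend on it. The same pattern is extended with `va_arg(ap, PropertyPtr)` in the Xext/xace.c hunk of commit 1b58304. Read each argument into a local first (`ClientPtr client = va_arg(ap, ClientPtr);` and so on, as separate statements) and then initialize rec from the locals. XaceHook's body starts and ends outside the hunk.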
diff --git a/Xext/xacestr.h b/Xext/xacestr.h
index 19d1540..dc1bdfc 100644
--- a/Xext/xacestr.h
+++ b/Xext/xacestr.h
@@ -20,7 +20,6 @@ CONNECTION WITH THE SOFTWARE OR THE USE
#ifndef _XACESTR_H
#define _XACESTR_H
-#include <X11/Xdefs.h>
#include "dixstruct.h"
#include "resource.h"
#include "extnsionst.h"
@@ -61,7 +60,6 @@ typedef struct {
ClientPtr client;
WindowPtr pWin;
PropertyPtr pProp;
- Atom propertyName;
Mask access_mode;
int rval;
} XacePropertyAccessRec;
diff --git a/Xext/xselinux.c b/Xext/xselinux.c
index eb721a7..4ed2784 100644
--- a/Xext/xselinux.c
+++ b/Xext/xselinux.c
@@ -1067,7 +1067,7 @@ XSELinuxProperty(CallbackListPtr *pcbl,
ClientPtr tclient;
access_vector_t perm = 0;
security_id_t propsid;
- char *propname = NameForAtom(rec->propertyName);
+ char *propname = NameForAtom(rec->pProp->propertyName);
tclient = wClient(pWin);
if (!client || !tclient || !HAVESTATE(tclient))
diff --git a/dix/property.c b/dix/property.c
index c760ef1..9ff6993 100644
--- a/dix/property.c
+++ b/dix/property.c
@@ -144,7 +144,7 @@ ProcRotateProperties(ClientPtr client)
DEALLOCATE_LOCAL(props);
return BadMatch;
}
- switch (XaceHook(XACE_PROPERTY_ACCESS, client, pWin, pProp, atoms[i],
+ switch (XaceHook(XACE_PROPERTY_ACCESS, client, pWin, pProp,
DixReadAccess|DixWriteAccess))
{
case XaceErrorOperation:
@@ -277,8 +277,8 @@ dixChangeWindowProperty(ClientPtr pClien
memmove((char *)data, (char *)value, totalSize);
pProp->size = len;
pProp->devPrivates = NULL;
- switch (XaceHook(XACE_PROPERTY_ACCESS, pClient, pWin, pProp, property,
- DixWriteAccess))
+ switch (XaceHook(XACE_PROPERTY_ACCESS, pClient, pWin, pProp,
+ DixCreateAccess))
{
case XaceErrorOperation:
xfree(data);
@@ -295,7 +295,7 @@ dixChangeWindowProperty(ClientPtr pClien
}
else
{
- switch (XaceHook(XACE_PROPERTY_ACCESS, pClient, pWin, pProp, property,
+ switch (XaceHook(XACE_PROPERTY_ACCESS, pClient, pWin, pProp,
DixWriteAccess))
{
case XaceErrorOperation:
@@ -517,8 +517,7 @@ ProcGetProperty(ClientPtr client)
if (stuff->delete)
access_mode |= DixDestroyAccess;
- switch (XaceHook(XACE_PROPERTY_ACCESS, client, pWin, pProp,
- stuff->property, access_mode))
+ switch (XaceHook(XACE_PROPERTY_ACCESS, client, pWin, pProp, access_mode))
{
case XaceErrorOperation:
client->errorValue = stuff->property;
@@ -671,8 +670,7 @@ ProcDeleteProperty(register ClientPtr cl
}
switch (XaceHook(XACE_PROPERTY_ACCESS, client, pWin,
- FindProperty(pWin, stuff->property), stuff->property,
- DixDestroyAccess))
+ FindProperty(pWin, stuff->property), DixDestroyAccess))
{
case XaceErrorOperation:
client->errorValue = stuff->property;
diff-tree c9fb8a35332d101897607d8f06ed5a6512eac7cf (from 1b766ffc0647d5e9a9bf6938d33548d977b5535e)
Author: Eamon Walsh <ewalsh at tycho.nsa.gov>
Date: Thu Mar 22 17:23:26 2007 -0400
dix: move access codes to separate header file, add DixCreateAccess.
diff --git a/include/Makefile.am b/include/Makefile.am
index 4d8910b..82e7190 100644
--- a/include/Makefile.am
+++ b/include/Makefile.am
@@ -11,6 +11,7 @@ sdk_HEADERS = \
cursor.h \
cursorstr.h \
dix.h \
+ dixaccess.h \
dixevents.h \
dixfont.h \
dixfontstr.h \
diff --git a/include/dixaccess.h b/include/dixaccess.h
new file mode 100644
index 0000000..205b76c
--- /dev/null
+++ b/include/dixaccess.h
@@ -0,0 +1,29 @@
+/***********************************************************
+
+THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
+IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
+FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE
+OPEN GROUP BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER LIABILITY, WHETHER IN
+AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, OUT OF OR IN
+CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE SOFTWARE.
+
+******************************************************************/
+
+#ifndef DIX_ACCESS_H
+#define DIX_ACCESS_H
+
+/* These are the access modes that can be passed in the last parameter
+ * to several of the dix lookup functions. They were originally part
+ * of the Security extension, now used by XACE.
+ *
+ * You can or these values together to indicate multiple modes
+ * simultaneously.
+ */
+
+#define DixUnknownAccess 0 /* don't know intentions */
+#define DixReadAccess (1<<0) /* inspecting the object */
+#define DixWriteAccess (1<<1) /* changing the object */
+#define DixDestroyAccess (1<<2) /* destroying the object */
+#define DixCreateAccess (1<<3) /* creating the object */
+
+#endif /* DIX_ACCESS_H */
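Review bot: The moved access-mode block drops `DixReadWriteAccess`, which the include/resource.h hunk removes (`#define DixReadWriteAccess (DixReadAccess|DixWriteAccess)`) and this new header does not re-add; resource.h appears to be an installed header (dixaccess.h is added to sdk_HEADERS alongside its siblings), so any out-of-tree module using that name would stop compiling without the commit message saying so. Either keep the definition in dixaccess.h or state the removal in the message. The header comment could also say what `DixCreateAccess` is for, since it is the one new value and the dix/property.c hunk in e1cc68a is its only visible user (creation of a not-yet-existing property).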
diff --git a/include/resource.h b/include/resource.h
index 9949dd2..f7fa5f1 100644
--- a/include/resource.h
+++ b/include/resource.h
@@ -48,6 +48,7 @@ SOFTWARE.
#ifndef RESOURCE_H
#define RESOURCE_H 1
#include "misc.h"
+#include "dixaccess.h"
/*****************************************************************
* STUFF FOR RESOURCES
@@ -225,20 +226,6 @@ extern pointer LookupClientResourceCompl
FindComplexResType func,
pointer cdata);
-/* These are the access modes that can be passed in the last parameter
- * to SecurityLookupIDByType/Class. The Security extension doesn't
- * currently make much use of these; they're mainly provided as an
- * example of what you might need for discretionary access control.
- * You can or these values together to indicate multiple modes
- * simultaneously.
- */
-
-#define DixUnknownAccess 0 /* don't know intentions */
-#define DixReadAccess (1<<0) /* inspecting the object */
-#define DixWriteAccess (1<<1) /* changing the object */
-#define DixReadWriteAccess (DixReadAccess|DixWriteAccess)
-#define DixDestroyAccess (1<<2) /* destroying the object */
-
extern pointer SecurityLookupIDByType(
ClientPtr /*client*/,
XID /*id*/,
diff-tree 1b766ffc0647d5e9a9bf6938d33548d977b5535e (from 1b58304ac837735920747ed0f0d10ba331bdaeb7)
Author: Eamon Walsh <ewalsh at tycho.nsa.gov>
Date: Thu Mar 22 15:55:35 2007 -0400
dix: reorganize property code to better support xace hook; requires new API for
changing a property, dixChangeWindowProperty, taking an additional client argument.
diff --git a/Xext/security.c b/Xext/security.c
index b7a0925..00180b9 100644
--- a/Xext/security.c
+++ b/Xext/security.c
@@ -1715,7 +1715,7 @@ SecurityCheckPropertyAccess(CallbackList
/* if client trusted or window untrusted, allow operation */
- if ( (TRUSTLEVEL(client) == XSecurityClientTrusted) ||
+ if (!client || (TRUSTLEVEL(client) == XSecurityClientTrusted) ||
(TRUSTLEVEL(wClient(pWin)) != XSecurityClientTrusted) )
return;
diff --git a/Xext/xselinux.c b/Xext/xselinux.c
index 4056d9e..eb721a7 100644
--- a/Xext/xselinux.c
+++ b/Xext/xselinux.c
@@ -1070,7 +1070,7 @@ XSELinuxProperty(CallbackListPtr *pcbl,
char *propname = NameForAtom(rec->propertyName);
tclient = wClient(pWin);
- if (!tclient || !HAVESTATE(tclient))
+ if (!client || !tclient || !HAVESTATE(tclient))
return;
propsid = GetPropertySID(SID(tclient)->ctx, propname);
diff --git a/dix/property.c b/dix/property.c
index 5e11b5f..c760ef1 100644
--- a/dix/property.c
+++ b/dix/property.c
@@ -230,19 +230,9 @@ ProcChangeProperty(ClientPtr client)
return(BadAtom);
}
- switch (XaceHook(XACE_PROPERTY_ACCESS, client, pWin,
- FindProperty(pWin, stuff->property), stuff->property,
- DixWriteAccess))
- {
- case XaceErrorOperation:
- client->errorValue = stuff->property;
- return BadAtom;
- case XaceIgnoreOperation:
- return Success;
- }
-
- err = ChangeWindowProperty(pWin, stuff->property, stuff->type, (int)format,
- (int)mode, len, (pointer)&stuff[1], TRUE);
+ err = dixChangeWindowProperty(client, pWin, stuff->property, stuff->type,
+ (int)format, (int)mode, len, &stuff[1],
+ TRUE);
if (err != Success)
return err;
else
@@ -250,9 +240,9 @@ ProcChangeProperty(ClientPtr client)
}
_X_EXPORT int
-ChangeWindowProperty(WindowPtr pWin, Atom property, Atom type, int format,
- int mode, unsigned long len, pointer value,
- Bool sendevent)
+dixChangeWindowProperty(ClientPtr pClient, WindowPtr pWin, Atom property,
+ Atom type, int format, int mode, unsigned long len,
+ pointer value, Bool sendevent)
{
PropertyPtr pProp;
xEvent event;
@@ -286,12 +276,34 @@ ChangeWindowProperty(WindowPtr pWin, Ato
if (len)
memmove((char *)data, (char *)value, totalSize);
pProp->size = len;
- pProp->next = pWin->optional->userProps;
pProp->devPrivates = NULL;
+ switch (XaceHook(XACE_PROPERTY_ACCESS, pClient, pWin, pProp, property,
+ DixWriteAccess))
+ {
+ case XaceErrorOperation:
+ xfree(data);
+ xfree(pProp);
+ pClient->errorValue = property;
+ return BadAtom;
+ case XaceIgnoreOperation:
+ xfree(data);
+ xfree(pProp);
+ return Success;
+ }
+ pProp->next = pWin->optional->userProps;
pWin->optional->userProps = pProp;
}
else
{
+ switch (XaceHook(XACE_PROPERTY_ACCESS, pClient, pWin, pProp, property,
+ DixWriteAccess))
+ {
+ case XaceErrorOperation:
+ pClient->errorValue = property;
+ return BadAtom;
+ case XaceIgnoreOperation:
+ return Success;
+ }
/* To append or prepend to a property the request format and type
must match those of the already defined property. The
existing format and type are irrelevant when using the mode
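Review bot: `pClient->errorValue = property;` in both XaceErrorOperation branches dereferences pClient, yet the ChangeWindowProperty wrapper added later in this commit calls dixChangeWindowProperty with NullClient. The two callbacks touched by this commit return early on `!client`, so today that path is reachable only if some other registered XACE callback denies a server-internal change, but the dix code should not rely on every callback honoring that convention; guard both branches with `if (pClient) pClient->errorValue = property;`. The function's prologue and tail lie outside the hunk.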
@@ -357,6 +369,15 @@ ChangeWindowProperty(WindowPtr pWin, Ato
return(Success);
}
+_X_EXPORT int
+ChangeWindowProperty(WindowPtr pWin, Atom property, Atom type, int format,
+ int mode, unsigned long len, pointer value,
+ Bool sendevent)
+{
+ return dixChangeWindowProperty(NullClient, pWin, property, type, format,
+ mode, len, value, sendevent);
+}
+
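Review bot: The compatibility wrapper passes NullClient without saying what that means for access control; the callbacks in this commit (Xext/security.c, Xext/xselinux.c) return early for a NULL client, so server-internal property changes bypass the policy check by design. A comment above the wrapper such as `/* Legacy entry point: NullClient marks a server-internal change, which the XACE callbacks treat as unrestricted. */` would make that explicit for code choosing between the two APIs.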
int
DeleteProperty(WindowPtr pWin, Atom propName)
{
diff --git a/hw/xfree86/loader/dixsym.c b/hw/xfree86/loader/dixsym.c
index 1732d1f..6957f06 100644
--- a/hw/xfree86/loader/dixsym.c
+++ b/hw/xfree86/loader/dixsym.c
@@ -192,6 +192,7 @@ _X_HIDDEN void *dixLookupTab[] = {
#endif
/* property.c */
SYMFUNC(ChangeWindowProperty)
+ SYMFUNC(dixChangeWindowProperty)
/* extension.c */
SYMFUNC(AddExtension)
SYMFUNC(AddExtensionAlias)
diff --git a/include/property.h b/include/property.h
index 8b6dc09..77536aa 100644
--- a/include/property.h
+++ b/include/property.h
@@ -52,6 +52,17 @@ SOFTWARE.
typedef struct _Property *PropertyPtr;
+extern int dixChangeWindowProperty(
+ ClientPtr /*pClient*/,
+ WindowPtr /*pWin*/,
+ Atom /*property*/,
+ Atom /*type*/,
+ int /*format*/,
+ int /*mode*/,
+ unsigned long /*len*/,
+ pointer /*value*/,
+ Bool /*sendevent*/);
+
extern int ChangeWindowProperty(
WindowPtr /*pWin*/,
Atom /*property*/,
diff-tree 1b58304ac837735920747ed0f0d10ba331bdaeb7 (from 5486be4898766205149fadce71529724eb78fbf3)
Author: Eamon Walsh <ewalsh at tycho.nsa.gov>
Date: Thu Mar 22 13:06:50 2007 -0400
xace: add new argument to property hook for property structure itself.
diff --git a/Xext/security.c b/Xext/security.c
index 98e91ad..b7a0925 100644
--- a/Xext/security.c
+++ b/Xext/security.c
@@ -28,14 +28,8 @@ in this Software without prior written a
#include <dix-config.h>
#endif
-#include "dixstruct.h"
-#include "extnsionst.h"
-#include "windowstr.h"
-#include "inputstr.h"
#include "scrnintstr.h"
-#include "gcstruct.h"
#include "colormapst.h"
-#include "propertyst.h"
#include "xacestr.h"
#include "securitysrv.h"
#include <X11/extensions/securstr.h>
diff --git a/Xext/xace.c b/Xext/xace.c
index 9502b5d..8e277ac 100644
--- a/Xext/xace.c
+++ b/Xext/xace.c
@@ -22,9 +22,7 @@ CONNECTION WITH THE SOFTWARE OR THE USE
#endif
#include <stdarg.h>
-#include "windowstr.h"
#include "scrnintstr.h"
-#include "gcstruct.h"
#include "xacestr.h"
#include "modinit.h"
@@ -97,6 +95,7 @@ int XaceHook(int hook, ...)
XacePropertyAccessRec rec = {
va_arg(ap, ClientPtr),
va_arg(ap, WindowPtr),
+ va_arg(ap, PropertyPtr),
va_arg(ap, Atom),
va_arg(ap, Mask),
XaceAllowOperation /* default allow */
diff --git a/Xext/xacestr.h b/Xext/xacestr.h
index edf7b66..19d1540 100644
--- a/Xext/xacestr.h
+++ b/Xext/xacestr.h
@@ -27,6 +27,7 @@ CONNECTION WITH THE SOFTWARE OR THE USE
#include "gcstruct.h"
#include "windowstr.h"
#include "inputstr.h"
+#include "propertyst.h"
#include "selection.h"
#include "xace.h"
@@ -59,6 +60,7 @@ typedef struct {
typedef struct {
ClientPtr client;
WindowPtr pWin;
+ PropertyPtr pProp;
Atom propertyName;
Mask access_mode;
int rval;
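Review bot: The new `pProp` field has no comment stating that it may be NULL: the ProcChangeProperty and ProcDeleteProperty hunks in dix/property.c pass the result of `FindProperty(pWin, stuff->property)` directly, which is NULL when the property does not yet exist. Callbacks must therefore keep using propertyName for identification and check pProp before dereferencing it; suggest `PropertyPtr pProp; /* may be NULL: property does not (yet) exist */`.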
diff --git a/dix/property.c b/dix/property.c
index 3aa8e77..5e11b5f 100644
--- a/dix/property.c
+++ b/dix/property.c
@@ -91,6 +91,19 @@ PrintPropertys(WindowPtr pWin)
}
#endif
+static _X_INLINE PropertyPtr
+FindProperty(WindowPtr pWin, Atom propertyName)
+{
+ PropertyPtr pProp = wUserProps(pWin);
+ while (pProp)
+ {
+ if (pProp->propertyName == propertyName)
+ break;
+ pProp = pProp->next;
+ }
+ return pProp;
+}
+
int
ProcRotateProperties(ClientPtr client)
{
@@ -115,35 +128,33 @@ ProcRotateProperties(ClientPtr client)
return(BadAlloc);
for (i = 0; i < stuff->nAtoms; i++)
{
- char action = XaceHook(XACE_PROPERTY_ACCESS, client, pWin, atoms[i],
- DixReadAccess|DixWriteAccess);
-
- if (!ValidAtom(atoms[i]) || (XaceErrorOperation == action)) {
+ if (!ValidAtom(atoms[i])) {
DEALLOCATE_LOCAL(props);
client->errorValue = atoms[i];
return BadAtom;
}
- if (XaceIgnoreOperation == action) {
- DEALLOCATE_LOCAL(props);
- return Success;
- }
-
for (j = i + 1; j < stuff->nAtoms; j++)
if (atoms[j] == atoms[i])
{
DEALLOCATE_LOCAL(props);
return BadMatch;
}
- pProp = wUserProps (pWin);
- while (pProp)
- {
- if (pProp->propertyName == atoms[i])
- goto found;
- pProp = pProp->next;
- }
- DEALLOCATE_LOCAL(props);
- return BadMatch;
-found:
+ pProp = FindProperty(pWin, atoms[i]);
+ if (!pProp) {
+ DEALLOCATE_LOCAL(props);
+ return BadMatch;
+ }
+ switch (XaceHook(XACE_PROPERTY_ACCESS, client, pWin, pProp, atoms[i],
+ DixReadAccess|DixWriteAccess))
+ {
+ case XaceErrorOperation:
+ DEALLOCATE_LOCAL(props);
+ client->errorValue = atoms[i];
+ return BadAtom;
+ case XaceIgnoreOperation:
+ DEALLOCATE_LOCAL(props);
+ return Success;
+ }
props[i] = pProp;
}
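Review bot: The reordered checks return BadMatch for a missing property before the access hook runs, while a hook denial returns BadAtom, so a client whose access the hook would deny can still learn whether a property exists from the error code. If the hook needs the property record this ordering is unavoidable, but it is worth recording as an accepted disclosure in a comment near the `FindProperty` call, or returning the same error code in both cases if the policy is meant to hide existence. ProcRotateProperties continues outside the hunk.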
delta = stuff->nPositions;
@@ -219,7 +230,8 @@ ProcChangeProperty(ClientPtr client)
return(BadAtom);
}
- switch (XaceHook(XACE_PROPERTY_ACCESS, client, pWin, stuff->property,
+ switch (XaceHook(XACE_PROPERTY_ACCESS, client, pWin,
+ FindProperty(pWin, stuff->property), stuff->property,
DixWriteAccess))
{
case XaceErrorOperation:
@@ -252,14 +264,8 @@ ChangeWindowProperty(WindowPtr pWin, Ato
totalSize = len * sizeInBytes;
/* first see if property already exists */
+ pProp = FindProperty(pWin, property);
- pProp = wUserProps (pWin);
- while (pProp)
- {
- if (pProp->propertyName == property)
- break;
- pProp = pProp->next;
- }
if (!pProp) /* just add to list */
{
if (!pWin->optional && !MakeWindowOptional (pWin))
@@ -490,8 +496,8 @@ ProcGetProperty(ClientPtr client)
if (stuff->delete)
access_mode |= DixDestroyAccess;
- switch (XaceHook(XACE_PROPERTY_ACCESS, client, pWin, stuff->property,
- access_mode))
+ switch (XaceHook(XACE_PROPERTY_ACCESS, client, pWin, pProp,
+ stuff->property, access_mode))
{
case XaceErrorOperation:
client->errorValue = stuff->property;
@@ -643,7 +649,8 @@ ProcDeleteProperty(register ClientPtr cl
return (BadAtom);
}
- switch (XaceHook(XACE_PROPERTY_ACCESS, client, pWin, stuff->property,
+ switch (XaceHook(XACE_PROPERTY_ACCESS, client, pWin,
+ FindProperty(pWin, stuff->property), stuff->property,
DixDestroyAccess))
{
case XaceErrorOperation:
diff-tree 5486be4898766205149fadce71529724eb78fbf3 (from a3296d111dc4d76aa3afa7e338cbab93eb390ec4)
Author: Eamon Walsh <ewalsh at tycho.nsa.gov>
Date: Thu Mar 22 10:59:21 2007 -0400
dix: devPrivates support for PropertyRec.
diff --git a/dix/property.c b/dix/property.c
index d402849..3aa8e77 100644
--- a/dix/property.c
+++ b/dix/property.c
@@ -281,6 +281,7 @@ ChangeWindowProperty(WindowPtr pWin, Ato
memmove((char *)data, (char *)value, totalSize);
pProp->size = len;
pProp->next = pWin->optional->userProps;
+ pProp->devPrivates = NULL;
pWin->optional->userProps = pProp;
}
else
@@ -383,6 +384,7 @@ DeleteProperty(WindowPtr pWin, Atom prop
event.u.property.atom = pProp->propertyName;
event.u.property.time = currentTime.milliseconds;
DeliverEvents(pWin, &event, 1, (WindowPtr)NULL);
+ dixFreePrivates(pProp->devPrivates);
xfree(pProp->data);
xfree(pProp);
}
@@ -405,6 +407,7 @@ DeleteAllWindowProperties(WindowPtr pWin
event.u.property.time = currentTime.milliseconds;
DeliverEvents(pWin, &event, 1, (WindowPtr)NULL);
pNextProp = pProp->next;
+ dixFreePrivates(pProp->devPrivates);
xfree(pProp->data);
xfree(pProp);
pProp = pNextProp;
@@ -569,6 +572,7 @@ ProcGetProperty(ClientPtr client)
}
else
prevProp->next = pProp->next;
+ dixFreePrivates(pProp->devPrivates);
xfree(pProp->data);
xfree(pProp);
}
diff --git a/include/propertyst.h b/include/propertyst.h
index 6add81d..fd1148e 100644
--- a/include/propertyst.h
+++ b/include/propertyst.h
@@ -49,6 +49,7 @@ SOFTWARE.
#define PROPERTYSTRUCT_H
#include "misc.h"
#include "property.h"
+#include "privates.h"
/*
* PROPERTY -- property element
*/
@@ -60,6 +61,7 @@ typedef struct _Property {
short format; /* format of data for swapping - 8,16,32 */
long size; /* size of data in (format/8) bytes */
pointer data; /* private to client */
+ PrivateRec *devPrivates;
} PropertyRec;
#endif /* PROPERTYSTRUCT_H */
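Review bot: PropertyRec grows a `devPrivates` pointer that DeleteProperty, DeleteAllWindowProperties and ProcGetProperty now hand to dixFreePrivates, so every allocation site becomes responsible for initializing it; the dix/property.c hunk sets it to NULL in ChangeWindowProperty, but any other code that allocates a PropertyRec (if such exists outside dix, which this diff does not show) would pass an uninitialized pointer to dixFreePrivates on deletion. A comment on the field, `PrivateRec *devPrivates; /* must be set (NULL) by whoever allocates the record */`, would make the invariant visible; the struct is also in an installed header, so the size change is an ABI change for modules that embed or allocate it.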