xserver: Branch 'XACE-SELINUX' - 5 commits
Eamon Walsh
ewalsh at kemper.freedesktop.org
Thu Sep 6 08:45:20 PDT 2007
Xext/xace.c | 4 +-
Xext/xacestr.h | 4 +-
composite/compext.c | 47 +++++++++++++++++--------
damageext/damageext.c | 4 +-
dix/colormap.c | 2 -
dix/cursor.c | 7 ++-
dix/dispatch.c | 2 -
dix/gc.c | 4 +-
dix/resource.c | 2 -
dix/window.c | 12 +++---
render/animcur.c | 19 ++++++++--
render/picture.c | 31 ++++++++++------
render/picturestr.h | 2 -
render/render.c | 94 ++++++++++++++++++++++++++++++--------------------
xfixes/cursor.c | 6 +--
xfixes/select.c | 2 -
16 files changed, 153 insertions(+), 89 deletions(-)
New commits:
diff-tree 0003ccfcdfae1b473aa024342304b84256d378b9 (from ce9e83d913511fe619da42f805d7bcd1a2a60d90)
Author: Eamon Walsh <ewalsh at tycho.nsa.gov>
Date: Wed Sep 5 11:18:36 2007 -0400
xace: add new fields to resource access hook to allow parent resource objects
to be passed in at create time. Also added a missing devPrivates initializer.
diff --git a/Xext/xace.c b/Xext/xace.c
index cc68986..92f0e40 100644
--- a/Xext/xace.c
+++ b/Xext/xace.c
@@ -72,8 +72,10 @@ int XaceHook(int hook, ...)
va_arg(ap, ClientPtr),
va_arg(ap, XID),
va_arg(ap, RESTYPE),
- va_arg(ap, Mask),
va_arg(ap, pointer),
+ va_arg(ap, RESTYPE),
+ va_arg(ap, pointer),
+ va_arg(ap, Mask),
Success /* default allow */
};
calldata = &rec;
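Review bot: Because `XaceHook` is variadic, moving `Mask` from the fourth to the last `va_arg` slot cannot be checked by the compiler, so a call site that still passes the old order would have its access mask read as the resource pointer on the access-control path. Callers outside the files touched in this series need auditing by hand; a small typed wrapper for `XACE_RESOURCE_ACCESS` would let the compiler enforce the order. Separately, these `va_arg` calls appear to sit inside a brace initializer for `rec`, where C leaves the evaluation order unspecified, so separate assignment statements such as `rec.client = va_arg(ap, ClientPtr);` would be safer. The initializer and the enclosing case begin outside the hunk.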
diff --git a/Xext/xacestr.h b/Xext/xacestr.h
index 0957f0d..e12a52c 100644
--- a/Xext/xacestr.h
+++ b/Xext/xacestr.h
@@ -41,8 +41,10 @@ typedef struct {
ClientPtr client;
XID id;
RESTYPE rtype;
- Mask access_mode;
pointer res;
+ RESTYPE ptype;
+ pointer parent;
+ Mask access_mode;
int status;
} XaceResourceAccessRec;
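Review bot: The new `ptype` and `parent` fields carry no comment saying when they are meaningful. Every call site in this series passes `RT_NONE, NULL` except `CreateWindow` and `CreatePicture`, so a hook that dereferences `parent` unconditionally would fault on most requests. I would add `/* parent resource at create time; RT_NONE/NULL when there is none */` above the two fields. Inserting them ahead of `access_mode` also changes the struct layout, so any security module built against the old header has to be rebuilt. The typedef opens outside the hunk.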
diff --git a/composite/compext.c b/composite/compext.c
index b329679..2d3bafa 100644
--- a/composite/compext.c
+++ b/composite/compext.c
@@ -459,7 +459,7 @@ ProcCompositeGetOverlayWindow (ClientPtr
}
rc = XaceHook(XACE_RESOURCE_ACCESS, client, cs->pOverlayWin->drawable.id,
- RT_WINDOW, DixGetAttrAccess, cs->pOverlayWin);
+ RT_WINDOW, cs->pOverlayWin, RT_NONE, NULL, DixGetAttrAccess);
if (rc != Success)
return rc;
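Review bot: `NULL` is passed through the variadic `XaceHook` and read back with `va_arg(ap, pointer)`; if `NULL` expands to a plain integer `0` in this build (its definition is not on the page), the argument width differs from a pointer on LP64 targets and the read is undefined. Writing `(pointer)NULL` at the call removes that dependency. The same applies to every other call site in this commit that passes `RT_NONE, NULL`. ProcCompositeGetOverlayWindow starts and ends outside the hunk.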
diff --git a/dix/colormap.c b/dix/colormap.c
index 98f2f1b..d07cff7 100644
--- a/dix/colormap.c
+++ b/dix/colormap.c
@@ -397,7 +397,7 @@ CreateColormap (Colormap mid, ScreenPtr
* Security creation/labeling check
*/
i = XaceHook(XACE_RESOURCE_ACCESS, clients[client], mid, RT_COLORMAP,
- DixCreateAccess, pmap);
+ pmap, RT_NONE, NULL, DixCreateAccess);
if (i != Success) {
FreeResource(mid, RT_NONE);
return i;
diff --git a/dix/cursor.c b/dix/cursor.c
index 324faa1..0ddf9d7 100644
--- a/dix/cursor.c
+++ b/dix/cursor.c
@@ -212,12 +212,12 @@ AllocARGBCursor(unsigned char *psrcbits,
pCurs->backGreen = backGreen;
pCurs->backBlue = backBlue;
- pCurs->devPrivates = NULL;
pCurs->id = cid;
+ pCurs->devPrivates = NULL;
/* security creation/labeling check */
rc = XaceHook(XACE_RESOURCE_ACCESS, client, cid, RT_CURSOR,
- DixCreateAccess, pCurs);
+ pCurs, RT_NONE, NULL, DixCreateAccess);
if (rc != Success) {
dixFreePrivates(pCurs->devPrivates);
FreeCursorBits(bits);
@@ -365,6 +365,7 @@ AllocGlyphCursor(Font source, unsigned s
bits->height = cm.height;
bits->xhot = cm.xhot;
bits->yhot = cm.yhot;
+ bits->devPrivates = NULL;
if (sourcefont != maskfont)
bits->refcnt = -1;
else
@@ -406,7 +407,7 @@ AllocGlyphCursor(Font source, unsigned s
/* security creation/labeling check */
rc = XaceHook(XACE_RESOURCE_ACCESS, client, cid, RT_CURSOR,
- DixCreateAccess, pCurs);
+ pCurs, RT_NONE, NULL, DixCreateAccess);
if (rc != Success) {
dixFreePrivates(pCurs->devPrivates);
FreeCursorBits(bits);
diff --git a/dix/dispatch.c b/dix/dispatch.c
index 7adfe02..507854e 100644
--- a/dix/dispatch.c
+++ b/dix/dispatch.c
@@ -1558,7 +1558,7 @@ CreatePmap:
pMap->drawable.id = stuff->pid;
/* security creation/labeling check */
rc = XaceHook(XACE_RESOURCE_ACCESS, client, stuff->pid, RT_PIXMAP,
- DixCreateAccess, pMap);
+ pMap, RT_NONE, NULL, DixCreateAccess);
if (rc != Success) {
(*pDraw->pScreen->DestroyPixmap)(pMap);
return rc;
diff --git a/dix/gc.c b/dix/gc.c
index d77932c..443f6c6 100644
--- a/dix/gc.c
+++ b/dix/gc.c
@@ -638,8 +638,8 @@ CreateGC(DrawablePtr pDrawable, BITS32 m
pGC->stipple->refcnt++;
/* security creation/labeling check */
- *pStatus = XaceHook(XACE_RESOURCE_ACCESS, client, gcid, RT_GC,
- DixCreateAccess|DixSetAttrAccess, pGC);
+ *pStatus = XaceHook(XACE_RESOURCE_ACCESS, client, gcid, RT_GC, pGC,
+ RT_NONE, NULL, DixCreateAccess|DixSetAttrAccess);
if (*pStatus != Success)
goto out;
diff --git a/dix/resource.c b/dix/resource.c
index 844d12e..a557ba4 100644
--- a/dix/resource.c
+++ b/dix/resource.c
@@ -901,7 +901,7 @@ dixLookupResource(pointer *result, XID i
if (client) {
client->errorValue = id;
cid = XaceHook(XACE_RESOURCE_ACCESS, client, id, res->type,
- mode, res->value);
+ res->value, RT_NONE, NULL, mode);
if (cid != Success)
return cid;
}
diff --git a/dix/window.c b/dix/window.c
index 70ce2ad..6c65319 100644
--- a/dix/window.c
+++ b/dix/window.c
@@ -698,8 +698,8 @@ CreateWindow(Window wid, WindowPtr pPare
/* security creation/labeling check
*/
- *error = XaceHook(XACE_RESOURCE_ACCESS, client, wid, RT_WINDOW,
- DixCreateAccess|DixSetAttrAccess, pWin);
+ *error = XaceHook(XACE_RESOURCE_ACCESS, client, wid, RT_WINDOW, pWin,
+ RT_WINDOW, pWin->parent, DixCreateAccess|DixSetAttrAccess);
if (*error != Success) {
xfree(pWin);
return NullWindow;
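Review bot: The denial branch releases the window with `xfree(pWin);` alone, whereas the cursor creation paths in this series call `dixFreePrivates(...->devPrivates)` before freeing. If a hook attaches private data such as a label to the new window and a later hook denies the request, that storage would presumably leak; adding `dixFreePrivates(pWin->devPrivates);` ahead of the `xfree` would match the cursor paths, assuming the window has the same field. The hook now also receives `pWin->parent`, so it is worth confirming that `parent` is assigned before this call. That assignment, like the rest of CreateWindow, is outside the hunk.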
@@ -955,7 +955,7 @@ DestroySubwindows(WindowPtr pWin, Client
while (pWin->lastChild) {
int rc = XaceHook(XACE_RESOURCE_ACCESS, client,
pWin->lastChild->drawable.id, RT_WINDOW,
- DixDestroyAccess, pWin->lastChild);
+ pWin->lastChild, RT_NONE, NULL, DixDestroyAccess);
if (rc != Success)
return rc;
FreeResource(pWin->lastChild->drawable.id, RT_NONE);
@@ -1275,7 +1275,7 @@ ChangeWindowAttributes(WindowPtr pWin, M
}
if (val == xTrue) {
rc = XaceHook(XACE_RESOURCE_ACCESS, client, pWin->drawable.id,
- RT_WINDOW, DixGrabAccess, pWin);
+ RT_WINDOW, pWin, RT_NONE, NULL, DixGrabAccess);
if (rc != Success) {
error = rc;
client->errorValue = pWin->drawable.id;
@@ -2745,7 +2745,7 @@ MapWindow(WindowPtr pWin, ClientPtr clie
/* general check for permission to map window */
if (XaceHook(XACE_RESOURCE_ACCESS, client, pWin->drawable.id, RT_WINDOW,
- DixShowAccess, pWin) != Success)
+ pWin, RT_NONE, NULL, DixShowAccess) != Success)
return Success;
pScreen = pWin->drawable.pScreen;
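Review bot: A denied `DixShowAccess` check returns `Success` here, so the requesting client sees no error and the status chosen by the security module is discarded. Nothing in the hunk says this is deliberate. If it is, a comment such as `/* denial is silent: report Success without mapping */` would keep a later reader from changing it by accident; if it is not, the hook's return value should be propagated instead. MapWindow's body continues outside the hunk.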
diff --git a/render/animcur.c b/render/animcur.c
index da3d4a0..1259289 100644
--- a/render/animcur.c
+++ b/render/animcur.c
@@ -377,12 +377,12 @@ AnimCursorCreate (CursorPtr *cursors, CA
pCursor->backGreen = cursors[0]->backGreen;
pCursor->backBlue = cursors[0]->backBlue;
- pCursor->devPrivates = NULL;
pCursor->id = cid;
+ pCursor->devPrivates = NULL;
/* security creation/labeling check */
- rc = XaceHook(XACE_RESOURCE_ACCESS, client, cid, RT_CURSOR,
- DixCreateAccess, pCursor);
+ rc = XaceHook(XACE_RESOURCE_ACCESS, client, cid, RT_CURSOR, pCursor,
+ RT_NONE, NULL, DixCreateAccess);
if (rc != Success) {
dixFreePrivates(pCursor->devPrivates);
xfree(pCursor);
diff --git a/render/picture.c b/render/picture.c
index 7b200ee..660ef12 100644
--- a/render/picture.c
+++ b/render/picture.c
@@ -727,8 +727,8 @@ CreatePicture (Picture pid,
pPicture->devPrivates = NULL;
/* security creation/labeling check */
- *error = XaceHook(XACE_RESOURCE_ACCESS, client, pid, PictureType,
- DixCreateAccess|DixSetAttrAccess, pPicture);
+ *error = XaceHook(XACE_RESOURCE_ACCESS, client, pid, PictureType, pPicture,
+ RC_DRAWABLE, pDrawable, DixCreateAccess|DixSetAttrAccess);
if (*error != Success)
goto out;
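Review bot: `RC_DRAWABLE` is passed in the `ptype` slot, which at every other call site in this series holds a resource type (`RT_WINDOW` or `RT_NONE`); by its prefix it looks like a resource class, so a hook that compares `ptype` against specific types would not match it. Either the `ptype` field should be documented as accepting a class mask, or the call should pass the concrete type of `pDrawable`. CreatePicture starts and ends outside the hunk.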
diff --git a/render/render.c b/render/render.c
index 37d2d62..40d5add 100644
--- a/render/render.c
+++ b/render/render.c
@@ -1025,7 +1025,7 @@ ProcRenderCreateGlyphSet (ClientPtr clie
return BadAlloc;
/* security creation/labeling check */
rc = XaceHook(XACE_RESOURCE_ACCESS, client, stuff->gsid, GlyphSetType,
- DixCreateAccess, glyphSet);
+ glyphSet, RT_NONE, NULL, DixCreateAccess);
if (rc != Success)
return rc;
if (!AddResource (stuff->gsid, GlyphSetType, (pointer)glyphSet))
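Review bot: When the hook denies creation, `return rc;` leaves the freshly allocated `glyphSet` with no owner, so each denied request leaks it along with anything a hook attached to it. The denial branch should release the glyph set with the destructor that pairs with its allocator before returning; I have not named one because none is visible on this page. The same `if (rc != Success) return rc;` shape is present where this check is first introduced, in the Render-extension commit further down the page. ProcRenderCreateGlyphSet starts outside the hunk.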
@@ -1903,7 +1903,7 @@ static int ProcRenderCreateSolidFill(Cli
return error;
/* security creation/labeling check */
error = XaceHook(XACE_RESOURCE_ACCESS, client, stuff->pid, PictureType,
- DixCreateAccess, pPicture);
+ pPicture, RT_NONE, NULL, DixCreateAccess);
if (error != Success)
return error;
if (!AddResource (stuff->pid, PictureType, (pointer)pPicture))
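Review bot: On denial `return error;` abandons the `pPicture` that was just created, so a client that is refused by policy can make the server leak one picture per request. CreatePicture's own error path on this page releases the object with `FreePicture (pPicture, (XID) 0);`, and the same call before `return error;` would presumably be right here. The linear, radial and conical gradient hunks that follow have the identical branch, as do the hunks in the Render-extension commit that first add these checks. The function body extends outside the hunk.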
@@ -1937,7 +1937,7 @@ static int ProcRenderCreateLinearGradien
return error;
/* security creation/labeling check */
error = XaceHook(XACE_RESOURCE_ACCESS, client, stuff->pid, PictureType,
- DixCreateAccess, pPicture);
+ pPicture, RT_NONE, NULL, DixCreateAccess);
if (error != Success)
return error;
if (!AddResource (stuff->pid, PictureType, (pointer)pPicture))
@@ -1972,7 +1972,7 @@ static int ProcRenderCreateRadialGradien
return error;
/* security creation/labeling check */
error = XaceHook(XACE_RESOURCE_ACCESS, client, stuff->pid, PictureType,
- DixCreateAccess, pPicture);
+ pPicture, RT_NONE, NULL, DixCreateAccess);
if (error != Success)
return error;
if (!AddResource (stuff->pid, PictureType, (pointer)pPicture))
@@ -2006,7 +2006,7 @@ static int ProcRenderCreateConicalGradie
return error;
/* security creation/labeling check */
error = XaceHook(XACE_RESOURCE_ACCESS, client, stuff->pid, PictureType,
- DixCreateAccess, pPicture);
+ pPicture, RT_NONE, NULL, DixCreateAccess);
if (error != Success)
return error;
if (!AddResource (stuff->pid, PictureType, (pointer)pPicture))
diff --git a/xfixes/cursor.c b/xfixes/cursor.c
index 52f483e..1d122fa 100755
--- a/xfixes/cursor.c
+++ b/xfixes/cursor.c
@@ -351,7 +351,7 @@ ProcXFixesGetCursorImage (ClientPtr clie
if (!pCursor)
return BadCursor;
rc = XaceHook(XACE_RESOURCE_ACCESS, client, pCursor->id, RT_CURSOR,
- DixReadAccess, pCursor);
+ pCursor, RT_NONE, NULL, DixReadAccess);
if (rc != Success)
return rc;
GetSpritePosition (&x, &y);
@@ -503,7 +503,7 @@ ProcXFixesGetCursorImageAndName (ClientP
if (!pCursor)
return BadCursor;
rc = XaceHook(XACE_RESOURCE_ACCESS, client, pCursor->id, RT_CURSOR,
- DixReadAccess|DixGetAttrAccess, pCursor);
+ pCursor, RT_NONE, NULL, DixReadAccess|DixGetAttrAccess);
if (rc != Success)
return rc;
GetSpritePosition (&x, &y);
diff-tree ce9e83d913511fe619da42f805d7bcd1a2a60d90 (from c9ceb4878063ca22487c708d9d1f86e367f2cec8)
Author: Eamon Walsh <ewalsh at tycho.nsa.gov>
Date: Tue Sep 4 14:01:55 2007 -0400
xace: add hooks + new access codes: Damage extension
diff --git a/damageext/damageext.c b/damageext/damageext.c
index 1597465..517c72d 100755
--- a/damageext/damageext.c
+++ b/damageext/damageext.c
@@ -185,7 +185,7 @@ ProcDamageCreate (ClientPtr client)
REQUEST_SIZE_MATCH(xDamageCreateReq);
LEGAL_NEW_RESOURCE(stuff->damage, client);
rc = dixLookupDrawable(&pDrawable, stuff->drawable, client, 0,
- DixReadAccess);
+ DixGetAttrAccess|DixReadAccess);
if (rc != Success)
return rc;
@@ -295,7 +295,7 @@ ProcDamageAdd (ClientPtr client)
REQUEST_SIZE_MATCH(xDamageAddReq);
VERIFY_REGION(pRegion, stuff->region, client, DixWriteAccess);
rc = dixLookupDrawable(&pDrawable, stuff->drawable, client, 0,
- DixReadAccess);
+ DixWriteAccess);
if (rc != Success)
return rc;
diff-tree c9ceb4878063ca22487c708d9d1f86e367f2cec8 (from fd04b983db6a70bf747abe02ca07c1fbbaae6343)
Author: Eamon Walsh <ewalsh at tycho.nsa.gov>
Date: Fri Aug 31 11:03:54 2007 -0400
xace: add hooks + new access codes: Composite extension
diff --git a/composite/compext.c b/composite/compext.c
index 8d2a2d7..b329679 100644
--- a/composite/compext.c
+++ b/composite/compext.c
@@ -45,6 +45,7 @@
#endif
#include "compint.h"
+#include "xace.h"
#define SERVER_COMPOSITE_MAJOR 0
#define SERVER_COMPOSITE_MINOR 4
@@ -157,14 +158,16 @@ static int
ProcCompositeRedirectWindow (ClientPtr client)
{
WindowPtr pWin;
+ int rc;
REQUEST(xCompositeRedirectWindowReq);
REQUEST_SIZE_MATCH(xCompositeRedirectWindowReq);
- pWin = (WindowPtr) LookupIDByType (stuff->window, RT_WINDOW);
- if (!pWin)
+ rc = dixLookupResource((pointer *)&pWin, stuff->window, RT_WINDOW, client,
+ DixSetAttrAccess|DixManageAccess|DixBlendAccess);
+ if (rc != Success)
{
client->errorValue = stuff->window;
- return BadWindow;
+ return (rc == BadValue) ? BadWindow : rc;
}
return compRedirectWindow (client, pWin, stuff->update);
}
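Review bot: `(pointer *)&pWin` makes `dixLookupResource` store a `pointer` through a `WindowPtr` object, a type-punned write that is only safe when the build disables aliasing optimisations, and it forces the `BadValue` to `BadWindow` remap to be repeated by hand at every site. `dixLookupWindow(&pWin, stuff->window, client, mode)`, used in the xfixes hunks on this page, takes the typed pointer and returns a status directly. If it reports a missing window as `BadWindow` (its body is not shown), the ternary goes away as well. The same cast and remap appear in the four compext.c hunks that follow and in the `dixLookupResource` conversions in render/picture.c and render/render.c.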
@@ -173,14 +176,16 @@ static int
ProcCompositeRedirectSubwindows (ClientPtr client)
{
WindowPtr pWin;
+ int rc;
REQUEST(xCompositeRedirectSubwindowsReq);
REQUEST_SIZE_MATCH(xCompositeRedirectSubwindowsReq);
- pWin = (WindowPtr) LookupIDByType (stuff->window, RT_WINDOW);
- if (!pWin)
+ rc = dixLookupResource((pointer *)&pWin, stuff->window, RT_WINDOW, client,
+ DixSetAttrAccess|DixManageAccess|DixBlendAccess);
+ if (rc != Success)
{
client->errorValue = stuff->window;
- return BadWindow;
+ return (rc == BadValue) ? BadWindow : rc;
}
return compRedirectSubwindows (client, pWin, stuff->update);
}
@@ -223,14 +228,16 @@ ProcCompositeCreateRegionFromBorderClip
WindowPtr pWin;
CompWindowPtr cw;
RegionPtr pBorderClip, pRegion;
+ int rc;
REQUEST(xCompositeCreateRegionFromBorderClipReq);
REQUEST_SIZE_MATCH(xCompositeCreateRegionFromBorderClipReq);
- pWin = (WindowPtr) LookupIDByType (stuff->window, RT_WINDOW);
- if (!pWin)
+ rc = dixLookupResource((pointer *)&pWin, stuff->window, RT_WINDOW, client,
+ DixGetAttrAccess);
+ if (rc != Success)
{
client->errorValue = stuff->window;
- return BadWindow;
+ return (rc == BadValue) ? BadWindow : rc;
}
LEGAL_NEW_RESOURCE (stuff->region, client);
@@ -257,14 +264,16 @@ ProcCompositeNameWindowPixmap (ClientPtr
WindowPtr pWin;
CompWindowPtr cw;
PixmapPtr pPixmap;
+ int rc;
REQUEST(xCompositeNameWindowPixmapReq);
REQUEST_SIZE_MATCH(xCompositeNameWindowPixmapReq);
- pWin = (WindowPtr) LookupIDByType (stuff->window, RT_WINDOW);
- if (!pWin)
+ rc = dixLookupResource((pointer *)&pWin, stuff->window, RT_WINDOW, client,
+ DixGetAttrAccess);
+ if (rc != Success)
{
client->errorValue = stuff->window;
- return BadWindow;
+ return (rc == BadValue) ? BadWindow : rc;
}
if (!pWin->viewable)
@@ -429,13 +438,15 @@ ProcCompositeGetOverlayWindow (ClientPtr
ScreenPtr pScreen;
CompScreenPtr cs;
CompOverlayClientPtr pOc;
+ int rc;
REQUEST_SIZE_MATCH(xCompositeGetOverlayWindowReq);
- pWin = (WindowPtr) LookupIDByType (stuff->window, RT_WINDOW);
- if (!pWin)
+ rc = dixLookupResource((pointer *)&pWin, stuff->window, RT_WINDOW, client,
+ DixGetAttrAccess);
+ if (rc != Success)
{
client->errorValue = stuff->window;
- return BadWindow;
+ return (rc == BadValue) ? BadWindow : rc;
}
pScreen = pWin->drawable.pScreen;
@@ -446,6 +457,12 @@ ProcCompositeGetOverlayWindow (ClientPtr
return BadAlloc;
}
}
+
+ rc = XaceHook(XACE_RESOURCE_ACCESS, client, cs->pOverlayWin->drawable.id,
+ RT_WINDOW, DixGetAttrAccess, cs->pOverlayWin);
+ if (rc != Success)
+ return rc;
+
MapWindow(cs->pOverlayWin, serverClient);
/* Record that client is using this overlay window */
diff-tree fd04b983db6a70bf747abe02ca07c1fbbaae6343 (from 1005b29cc6939851b40397cc9cd0de9476ad3046)
Author: Eamon Walsh <ewalsh at tycho.nsa.gov>
Date: Fri Aug 31 09:55:27 2007 -0400
xace: add hooks + new access codes: Render extension
diff --git a/render/animcur.c b/render/animcur.c
index 444d706..da3d4a0 100644
--- a/render/animcur.c
+++ b/render/animcur.c
@@ -44,6 +44,7 @@
#include "dixfontstr.h"
#include "opaque.h"
#include "picturestr.h"
+#include "xace.h"
typedef struct _AnimCurElt {
CursorPtr pCursor; /* cursor to show */
@@ -346,10 +347,10 @@ AnimCurInit (ScreenPtr pScreen)
}
int
-AnimCursorCreate (CursorPtr *cursors, CARD32 *deltas, int ncursor, CursorPtr *ppCursor)
+AnimCursorCreate (CursorPtr *cursors, CARD32 *deltas, int ncursor, CursorPtr *ppCursor, ClientPtr client, XID cid)
{
CursorPtr pCursor;
- int i;
+ int rc, i;
AnimCurPtr ac;
for (i = 0; i < screenInfo.numScreens; i++)
@@ -366,7 +367,6 @@ AnimCursorCreate (CursorPtr *cursors, CA
if (!pCursor)
return BadAlloc;
pCursor->bits = &animCursorBits;
- animCursorBits.refcnt++;
pCursor->refcnt = 1;
pCursor->foreRed = cursors[0]->foreRed;
@@ -377,9 +377,22 @@ AnimCursorCreate (CursorPtr *cursors, CA
pCursor->backGreen = cursors[0]->backGreen;
pCursor->backBlue = cursors[0]->backBlue;
+ pCursor->devPrivates = NULL;
+ pCursor->id = cid;
+
+ /* security creation/labeling check */
+ rc = XaceHook(XACE_RESOURCE_ACCESS, client, cid, RT_CURSOR,
+ DixCreateAccess, pCursor);
+ if (rc != Success) {
+ dixFreePrivates(pCursor->devPrivates);
+ xfree(pCursor);
+ return rc;
+ }
+
/*
* Fill in the AnimCurRec
*/
+ animCursorBits.refcnt++;
ac = GetAnimCur (pCursor);
ac->nelt = ncursor;
ac->elts = (AnimCurElt *) (ac + 1);
diff --git a/render/picture.c b/render/picture.c
index bc2c3b5..7b200ee 100644
--- a/render/picture.c
+++ b/render/picture.c
@@ -40,6 +40,7 @@
#include "gcstruct.h"
#include "servermd.h"
#include "picturestr.h"
+#include "xace.h"
_X_EXPORT DevPrivateKey PictureScreenPrivateKey = &PictureScreenPrivateKey;
DevPrivateKey PictureWindowPrivateKey = &PictureWindowPrivateKey;
@@ -724,6 +725,13 @@ CreatePicture (Picture pid,
pPicture->pFormat = pFormat;
pPicture->format = pFormat->format | (pDrawable->bitsPerPixel << 24);
pPicture->devPrivates = NULL;
+
+ /* security creation/labeling check */
+ *error = XaceHook(XACE_RESOURCE_ACCESS, client, pid, PictureType,
+ DixCreateAccess|DixSetAttrAccess, pPicture);
+ if (*error != Success)
+ goto out;
+
if (pDrawable->type == DRAWABLE_PIXMAP)
{
++((PixmapPtr)pDrawable)->refcnt;
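Review bot: On denial the new `goto out;` skips `++((PixmapPtr)pDrawable)->refcnt;` and the rest of the picture setup, yet the `out:` label added in the next hunk hands the half-built picture to `FreePicture`. If `FreePicture` releases the drawable reference or reads fields that are only initialised later (its body is not on this page), a denied request would drop a pixmap reference that was never taken, which can end in a premature free. A safer denial path frees only what exists at this point, as AnimCursorCreate does for its cursor with `dixFreePrivates(pCursor->devPrivates); xfree(pCursor);`, or the check could move after setup completes. CreatePicture starts and ends outside the hunk.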
@@ -743,6 +751,7 @@ CreatePicture (Picture pid,
*error = Success;
if (*error == Success)
*error = (*ps->CreatePicture) (pPicture);
+out:
if (*error != Success)
{
FreePicture (pPicture, (XID) 0);
@@ -1060,14 +1069,13 @@ ChangePicture (PicturePtr pPicture,
pAlpha = 0;
else
{
- pAlpha = (PicturePtr) SecurityLookupIDByType(client,
- pid,
- PictureType,
- DixWriteAccess|DixReadAccess);
- if (!pAlpha)
+ error = dixLookupResource((pointer *)&pAlpha, pid,
+ PictureType, client,
+ DixReadAccess);
+ if (error != Success)
{
client->errorValue = pid;
- error = BadPixmap;
+ error = (error == BadValue) ? BadPixmap : error;
break;
}
if (pAlpha->pDrawable == NULL ||
@@ -1122,14 +1130,13 @@ ChangePicture (PicturePtr pPicture,
else
{
clipType = CT_PIXMAP;
- pPixmap = (PixmapPtr)SecurityLookupIDByType(client,
- pid,
- RT_PIXMAP,
- DixReadAccess);
- if (!pPixmap)
+ error = dixLookupResource((pointer *)&pPixmap, pid,
+ RT_PIXMAP, client,
+ DixReadAccess);
+ if (error != Success)
{
client->errorValue = pid;
- error = BadPixmap;
+ error = (error == BadValue) ? BadPixmap : error;
break;
}
}
diff --git a/render/picturestr.h b/render/picturestr.h
index aafe4e8..fad9741 100644
--- a/render/picturestr.h
+++ b/render/picturestr.h
@@ -630,7 +630,7 @@ Bool
AnimCurInit (ScreenPtr pScreen);
int
-AnimCursorCreate (CursorPtr *cursors, CARD32 *deltas, int ncursor, CursorPtr *ppCursor);
+AnimCursorCreate (CursorPtr *cursors, CARD32 *deltas, int ncursor, CursorPtr *ppCursor, ClientPtr client, XID cid);
void
AddTraps (PicturePtr pPicture,
diff --git a/render/render.c b/render/render.c
index 7b27457..37d2d62 100644
--- a/render/render.c
+++ b/render/render.c
@@ -46,6 +46,7 @@
#include "glyphstr.h"
#include <X11/Xfuncproto.h>
#include "cursorstr.h"
+#include "xace.h"
#if HAVE_STDINT_H
#include <stdint.h>
@@ -623,7 +624,7 @@ ProcRenderCreatePicture (ClientPtr clien
LEGAL_NEW_RESOURCE(stuff->pid, client);
rc = dixLookupDrawable(&pDrawable, stuff->drawable, client, 0,
- DixWriteAccess);
+ DixReadAccess|DixAddAccess);
if (rc != Success)
return rc;
@@ -664,7 +665,7 @@ ProcRenderChangePicture (ClientPtr clien
int len;
REQUEST_AT_LEAST_SIZE(xRenderChangePictureReq);
- VERIFY_PICTURE (pPicture, stuff->picture, client, DixWriteAccess,
+ VERIFY_PICTURE (pPicture, stuff->picture, client, DixSetAttrAccess,
RenderErrBase + BadPicture);
len = client->req_len - (sizeof(xRenderChangePictureReq) >> 2);
@@ -684,7 +685,7 @@ ProcRenderSetPictureClipRectangles (Clie
int result;
REQUEST_AT_LEAST_SIZE(xRenderSetPictureClipRectanglesReq);
- VERIFY_PICTURE (pPicture, stuff->picture, client, DixWriteAccess,
+ VERIFY_PICTURE (pPicture, stuff->picture, client, DixSetAttrAccess,
RenderErrBase + BadPicture);
if (!pPicture->pDrawable)
return BadDrawable;
@@ -983,7 +984,7 @@ ProcRenderCreateGlyphSet (ClientPtr clie
{
GlyphSetPtr glyphSet;
PictFormatPtr format;
- int f;
+ int rc, f;
REQUEST(xRenderCreateGlyphSetReq);
REQUEST_SIZE_MATCH(xRenderCreateGlyphSetReq);
@@ -1022,6 +1023,11 @@ ProcRenderCreateGlyphSet (ClientPtr clie
glyphSet = AllocateGlyphSet (f, format);
if (!glyphSet)
return BadAlloc;
+ /* security creation/labeling check */
+ rc = XaceHook(XACE_RESOURCE_ACCESS, client, stuff->gsid, GlyphSetType,
+ DixCreateAccess, glyphSet);
+ if (rc != Success)
+ return rc;
if (!AddResource (stuff->gsid, GlyphSetType, (pointer)glyphSet))
return BadAlloc;
return Success;
@@ -1031,20 +1037,19 @@ static int
ProcRenderReferenceGlyphSet (ClientPtr client)
{
GlyphSetPtr glyphSet;
+ int rc;
REQUEST(xRenderReferenceGlyphSetReq);
REQUEST_SIZE_MATCH(xRenderReferenceGlyphSetReq);
LEGAL_NEW_RESOURCE(stuff->gsid, client);
- glyphSet = (GlyphSetPtr) SecurityLookupIDByType (client,
- stuff->existing,
- GlyphSetType,
- DixWriteAccess);
- if (!glyphSet)
+ rc = dixLookupResource((pointer *)&glyphSet, stuff->existing, GlyphSetType,
+ client, DixGetAttrAccess);
+ if (rc != Success)
{
client->errorValue = stuff->existing;
- return RenderErrBase + BadGlyphSet;
+ return (rc == BadValue) ? RenderErrBase + BadGlyphSet : rc;
}
glyphSet->refcnt++;
if (!AddResource (stuff->gsid, GlyphSetType, (pointer)glyphSet))
@@ -1059,17 +1064,16 @@ static int
ProcRenderFreeGlyphSet (ClientPtr client)
{
GlyphSetPtr glyphSet;
+ int rc;
REQUEST(xRenderFreeGlyphSetReq);
REQUEST_SIZE_MATCH(xRenderFreeGlyphSetReq);
- glyphSet = (GlyphSetPtr) SecurityLookupIDByType (client,
- stuff->glyphset,
- GlyphSetType,
- DixDestroyAccess);
- if (!glyphSet)
+ rc = dixLookupResource((pointer *)&glyphSet, stuff->glyphset, GlyphSetType,
+ client, DixDestroyAccess);
+ if (rc != Success)
{
client->errorValue = stuff->glyphset;
- return RenderErrBase + BadGlyphSet;
+ return (rc == BadValue) ? RenderErrBase + BadGlyphSet : rc;
}
FreeResource (stuff->glyphset, RT_NONE);
return client->noClientException;
@@ -1093,19 +1097,18 @@ ProcRenderAddGlyphs (ClientPtr client)
xGlyphInfo *gi;
CARD8 *bits;
int size;
- int err = BadAlloc;
+ int err;
REQUEST_AT_LEAST_SIZE(xRenderAddGlyphsReq);
- glyphSet = (GlyphSetPtr) SecurityLookupIDByType (client,
- stuff->glyphset,
- GlyphSetType,
- DixWriteAccess);
- if (!glyphSet)
+ err = dixLookupResource((pointer *)&glyphSet, stuff->glyphset, GlyphSetType,
+ client, DixAddAccess);
+ if (err != Success)
{
client->errorValue = stuff->glyphset;
- return RenderErrBase + BadGlyphSet;
+ return (err == BadValue) ? RenderErrBase + BadGlyphSet : err;
}
+ err = BadAlloc;
nglyphs = stuff->nglyphs;
if (nglyphs > UINT32_MAX / sizeof(GlyphNewRec))
return BadAlloc;
@@ -1195,19 +1198,17 @@ ProcRenderFreeGlyphs (ClientPtr client)
{
REQUEST(xRenderFreeGlyphsReq);
GlyphSetPtr glyphSet;
- int nglyph;
+ int rc, nglyph;
CARD32 *gids;
CARD32 glyph;
REQUEST_AT_LEAST_SIZE(xRenderFreeGlyphsReq);
- glyphSet = (GlyphSetPtr) SecurityLookupIDByType (client,
- stuff->glyphset,
- GlyphSetType,
- DixWriteAccess);
- if (!glyphSet)
+ rc = dixLookupResource((pointer *)&glyphSet, stuff->glyphset, GlyphSetType,
+ client, DixRemoveAccess);
+ if (rc != Success)
{
client->errorValue = stuff->glyphset;
- return RenderErrBase + BadGlyphSet;
+ return (rc == BadValue) ? RenderErrBase + BadGlyphSet : rc;
}
nglyph = ((client->req_len << 2) - sizeof (xRenderFreeGlyphsReq)) >> 2;
gids = (CARD32 *) (stuff + 1);
@@ -1284,7 +1285,7 @@ ProcRenderCompositeGlyphs (ClientPtr cli
glyphSet = (GlyphSetPtr) SecurityLookupIDByType (client,
stuff->glyphset,
GlyphSetType,
- DixReadAccess);
+ DixUseAccess);
if (!glyphSet)
{
client->errorValue = stuff->glyphset;
@@ -1346,7 +1347,7 @@ ProcRenderCompositeGlyphs (ClientPtr cli
glyphSet = (GlyphSetPtr) SecurityLookupIDByType (client,
gs,
GlyphSetType,
- DixReadAccess);
+ DixUseAccess);
if (!glyphSet)
{
client->errorValue = gs;
@@ -1679,7 +1680,7 @@ ProcRenderSetPictureTransform (ClientPtr
int result;
REQUEST_SIZE_MATCH(xRenderSetPictureTransformReq);
- VERIFY_PICTURE (pPicture, stuff->picture, client, DixWriteAccess,
+ VERIFY_PICTURE (pPicture, stuff->picture, client, DixSetAttrAccess,
RenderErrBase + BadPicture);
result = SetPictureTransform (pPicture, (PictTransform *) &stuff->transform);
if (client->noClientException != Success)
@@ -1704,7 +1705,7 @@ ProcRenderQueryFilters (ClientPtr client
REQUEST_SIZE_MATCH(xRenderQueryFiltersReq);
rc = dixLookupDrawable(&pDrawable, stuff->drawable, client, 0,
- DixReadAccess);
+ DixGetAttrAccess);
if (rc != Success)
return rc;
@@ -1809,7 +1810,7 @@ ProcRenderSetPictureFilter (ClientPtr cl
char *name;
REQUEST_AT_LEAST_SIZE (xRenderSetPictureFilterReq);
- VERIFY_PICTURE (pPicture, stuff->picture, client, DixWriteAccess,
+ VERIFY_PICTURE (pPicture, stuff->picture, client, DixSetAttrAccess,
RenderErrBase + BadPicture);
name = (char *) (stuff + 1);
params = (xFixed *) (name + ((stuff->nbytes + 3) & ~3));
@@ -1853,7 +1854,8 @@ ProcRenderCreateAnimCursor (ClientPtr cl
deltas[i] = elt->delay;
elt++;
}
- ret = AnimCursorCreate (cursors, deltas, ncursor, &pCursor);
+ ret = AnimCursorCreate (cursors, deltas, ncursor, &pCursor, client,
+ stuff->cid);
xfree (cursors);
if (ret != Success)
return ret;
@@ -1899,6 +1901,11 @@ static int ProcRenderCreateSolidFill(Cli
pPicture = CreateSolidPicture(stuff->pid, &stuff->color, &error);
if (!pPicture)
return error;
+ /* security creation/labeling check */
+ error = XaceHook(XACE_RESOURCE_ACCESS, client, stuff->pid, PictureType,
+ DixCreateAccess, pPicture);
+ if (error != Success)
+ return error;
if (!AddResource (stuff->pid, PictureType, (pointer)pPicture))
return BadAlloc;
return Success;
@@ -1928,6 +1935,11 @@ static int ProcRenderCreateLinearGradien
stuff->nStops, stops, colors, &error);
if (!pPicture)
return error;
+ /* security creation/labeling check */
+ error = XaceHook(XACE_RESOURCE_ACCESS, client, stuff->pid, PictureType,
+ DixCreateAccess, pPicture);
+ if (error != Success)
+ return error;
if (!AddResource (stuff->pid, PictureType, (pointer)pPicture))
return BadAlloc;
return Success;
@@ -1958,6 +1970,11 @@ static int ProcRenderCreateRadialGradien
stuff->nStops, stops, colors, &error);
if (!pPicture)
return error;
+ /* security creation/labeling check */
+ error = XaceHook(XACE_RESOURCE_ACCESS, client, stuff->pid, PictureType,
+ DixCreateAccess, pPicture);
+ if (error != Success)
+ return error;
if (!AddResource (stuff->pid, PictureType, (pointer)pPicture))
return BadAlloc;
return Success;
@@ -1987,6 +2004,11 @@ static int ProcRenderCreateConicalGradie
stuff->nStops, stops, colors, &error);
if (!pPicture)
return error;
+ /* security creation/labeling check */
+ error = XaceHook(XACE_RESOURCE_ACCESS, client, stuff->pid, PictureType,
+ DixCreateAccess, pPicture);
+ if (error != Success)
+ return error;
if (!AddResource (stuff->pid, PictureType, (pointer)pPicture))
return BadAlloc;
return Success;
diff-tree 1005b29cc6939851b40397cc9cd0de9476ad3046 (from 53f346b158fa8e10de5a8777fa6d8d86f918878b)
Author: Eamon Walsh <ewalsh at tycho.nsa.gov>
Date: Thu Aug 30 14:48:24 2007 -0400
xace: Correct some access modes.
diff --git a/dix/window.c b/dix/window.c
index b6bbdd4..70ce2ad 100644
--- a/dix/window.c
+++ b/dix/window.c
@@ -1396,7 +1396,7 @@ ChangeWindowAttributes(WindowPtr pWin, M
else
{
rc = dixLookupResource((pointer *)&pCursor, cursorID,
- RT_CURSOR, client, DixReadAccess);
+ RT_CURSOR, client, DixUseAccess);
if (rc != Success)
{
error = (rc == BadValue) ? BadCursor : rc;
diff --git a/xfixes/cursor.c b/xfixes/cursor.c
index 91f149e..52f483e 100755
--- a/xfixes/cursor.c
+++ b/xfixes/cursor.c
@@ -239,7 +239,7 @@ ProcXFixesSelectCursorInput (ClientPtr c
int rc;
REQUEST_SIZE_MATCH (xXFixesSelectCursorInputReq);
- rc = dixLookupWindow(&pWin, stuff->window, client, DixSetAttrAccess);
+ rc = dixLookupWindow(&pWin, stuff->window, client, DixGetAttrAccess);
if (rc != Success)
return rc;
if (stuff->eventMask & ~CursorAllEvents)
diff --git a/xfixes/select.c b/xfixes/select.c
index 9de152f..2321212 100755
--- a/xfixes/select.c
+++ b/xfixes/select.c
@@ -203,7 +203,7 @@ ProcXFixesSelectSelectionInput (ClientPt
int rc;
REQUEST_SIZE_MATCH (xXFixesSelectSelectionInputReq);
- rc = dixLookupWindow(&pWin, stuff->window, client, DixSetAttrAccess);
+ rc = dixLookupWindow(&pWin, stuff->window, client, DixGetAttrAccess);
if (rc != Success)
return rc;
if (stuff->eventMask & ~SelectionAllEvents)