xserver: Branch 'master' - 3 commits
Eamon Walsh
ewalsh at kemper.freedesktop.org
Thu Dec 18 11:03:06 PST 2008
Xext/Makefile.am | 3 +++
Xext/xace.c | 22 +++++++++++++++++++++-
Xext/xace.h | 18 +++++++++++-------
Xext/xselinux.c | 8 ++------
hw/xfree86/loader/sdksyms.sh | 1 +
5 files changed, 38 insertions(+), 14 deletions(-)
New commits:
commit 5d065a889074558634216eebd4bba35a60db9a09
Author: Eamon Walsh <ewalsh at tycho.nsa.gov>
Date: Thu Dec 18 13:59:36 2008 -0500
xselinux: Use xace Xtrans wrappers instead of the now-inaccessible wrapees.
diff --git a/Xext/xselinux.c b/Xext/xselinux.c
index 93ea05b..e2eeac9 100644
--- a/Xext/xselinux.c
+++ b/Xext/xselinux.c
@@ -50,9 +50,6 @@ CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE SOFTWARE.
#include "selection.h"
#include "xacestr.h"
#include "xselinux.h"
-#define XSERV_t
-#define TRANS_SERVER
-#include <X11/Xtrans/Xtrans.h>
#include "../os/osdep.h"
#include "modinit.h"
@@ -460,8 +457,7 @@ SELinuxDoCheck(SELinuxSubjectRec *subj, SELinuxObjectRec *obj,
static void
SELinuxLabelClient(ClientPtr client)
{
- XtransConnInfo ci = ((OsCommPtr)client->osPrivate)->trans_conn;
- int fd = _XSERVTransGetConnectionNumber(ci);
+ int fd = XaceGetConnectionNumber(client);
SELinuxSubjectRec *subj;
SELinuxObjectRec *obj;
security_context_t ctx;
@@ -479,7 +475,7 @@ SELinuxLabelClient(ClientPtr client)
}
/* For local clients, try and determine the executable name */
- if (_XSERVTransIsLocal(ci)) {
+ if (XaceIsLocal(client)) {
struct ucred creds;
socklen_t len = sizeof(creds);
char path[PATH_MAX + 1];
commit f87e66486c3610c56888915b66ae5ab0af03da8b
Author: Eamon Walsh <ewalsh at tycho.nsa.gov>
Date: Thu Dec 18 13:58:35 2008 -0500
xace: Export wrappers around two Xtrans functions used by modules.
Don't know a better way to do this, since Xtrans isn't a library that
can be linked into modules.
diff --git a/Xext/xace.c b/Xext/xace.c
index c758319..7e82f81 100644
--- a/Xext/xace.c
+++ b/Xext/xace.c
@@ -29,6 +29,11 @@ CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE SOFTWARE.
#include "gcstruct.h"
#include "xacestr.h"
+#define XSERV_t
+#define TRANS_SERVER
+#include <X11/Xtrans/Xtrans.h>
+#include "../os/osdep.h"
+
_X_EXPORT CallbackListPtr XaceHooks[XACE_NUM_HOOKS] = {0};
/* Special-cased hook functions. Called by Xserver.
@@ -339,3 +344,18 @@ XaceCensorImage(client, pVisibleRegion, widthBytesLine, pDraw, x, y, w, h,
REGION_UNINIT(pScreen, &imageRegion);
REGION_UNINIT(pScreen, &censorRegion);
} /* XaceCensorImage */
+
+/*
+ * Xtrans wrappers for use by modules
+ */
+int XaceGetConnectionNumber(ClientPtr client)
+{
+ XtransConnInfo ci = ((OsCommPtr)client->osPrivate)->trans_conn;
+ return _XSERVTransGetConnectionNumber(ci);
+}
+
+int XaceIsLocal(ClientPtr client)
+{
+ XtransConnInfo ci = ((OsCommPtr)client->osPrivate)->trans_conn;
+ return _XSERVTransIsLocal(ci);
+}
diff --git a/Xext/xace.h b/Xext/xace.h
index 542b157..3b3e878 100644
--- a/Xext/xace.h
+++ b/Xext/xace.h
@@ -85,6 +85,10 @@ void XaceHookAuditEnd(ClientPtr ptr, int result);
#define XaceDeleteCallback(hook,callback,data) \
DeleteCallback(XaceHooks+(hook), callback, data)
+/* XTrans wrappers for use by security modules
+ */
+_X_EXPORT int XaceGetConnectionNumber(ClientPtr ptr);
+_X_EXPORT int XaceIsLocal(ClientPtr ptr);
/* From the original Security extension...
*/
commit 777408914dbf395e9969e3f34720286e6f740369
Author: Eamon Walsh <ewalsh at tycho.nsa.gov>
Date: Thu Dec 18 12:35:57 2008 -0500
Add xace headers to the SDK when enabled and export the XaceHooks symbol
to modules.
diff --git a/Xext/Makefile.am b/Xext/Makefile.am
index f3b7652..ac45f95 100644
--- a/Xext/Makefile.am
+++ b/Xext/Makefile.am
@@ -73,6 +73,9 @@ endif
XACE_SRCS = xace.c xace.h xacestr.h
if XACE
BUILTIN_SRCS += $(XACE_SRCS)
+if XORG
+sdk_HEADERS += xace.h xacestr.h
+endif
endif
# SELinux extension: provides SELinux policy support for X objects
diff --git a/Xext/xace.c b/Xext/xace.c
index 8a8f8c6..c758319 100644
--- a/Xext/xace.c
+++ b/Xext/xace.c
@@ -29,7 +29,7 @@ CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE SOFTWARE.
#include "gcstruct.h"
#include "xacestr.h"
-CallbackListPtr XaceHooks[XACE_NUM_HOOKS] = {0};
+_X_EXPORT CallbackListPtr XaceHooks[XACE_NUM_HOOKS] = {0};
/* Special-cased hook functions. Called by Xserver.
*/
diff --git a/Xext/xace.h b/Xext/xace.h
index 1aaab03..542b157 100644
--- a/Xext/xace.h
+++ b/Xext/xace.h
@@ -61,19 +61,19 @@ extern CallbackListPtr XaceHooks[XACE_NUM_HOOKS];
/* Entry point for hook functions. Called by Xserver.
* Required by libdbe and libextmod
*/
-extern _X_EXPORT int XaceHook(
+_X_EXPORT int XaceHook(
int /*hook*/,
... /*appropriate args for hook*/
);
/* Special-cased hook functions
*/
-extern int XaceHookDispatch(ClientPtr ptr, int major);
-extern int XaceHookPropertyAccess(ClientPtr ptr, WindowPtr pWin,
- PropertyPtr *ppProp, Mask access_mode);
-extern int XaceHookSelectionAccess(ClientPtr ptr,
+int XaceHookDispatch(ClientPtr ptr, int major);
+int XaceHookPropertyAccess(ClientPtr ptr, WindowPtr pWin,
+ PropertyPtr *ppProp, Mask access_mode);
+int XaceHookSelectionAccess(ClientPtr ptr,
Selection **ppSel, Mask access_mode);
-extern void XaceHookAuditEnd(ClientPtr ptr, int result);
+void XaceHookAuditEnd(ClientPtr ptr, int result);
/* Register a callback for a given hook.
*/
@@ -89,7 +89,7 @@ extern void XaceHookAuditEnd(ClientPtr ptr, int result);
/* From the original Security extension...
*/
-extern void XaceCensorImage(
+void XaceCensorImage(
ClientPtr client,
RegionPtr pVisibleRegion,
long widthBytesLine,
diff --git a/hw/xfree86/loader/sdksyms.sh b/hw/xfree86/loader/sdksyms.sh
index e6c15cc..55f7206 100755
--- a/hw/xfree86/loader/sdksyms.sh
+++ b/hw/xfree86/loader/sdksyms.sh
@@ -311,6 +311,7 @@ cat > sdksyms.c << EOF
#include "validate.h"
#include "window.h"
#include "windowstr.h"
+#include "xace.h"
#include "xkbfile.h"
#include "xkbsrv.h"
#include "xkbstr.h"
More information about the xorg-commit
mailing list