[PATCH 15/37] Move SELinux from extmod to built-in

Daniel Stone daniel at fooishbar.org
Tue Jun 28 12:27:31 PDT 2011


Instead of letting it languish in extmod just because we want to
configure bits of it from xf86, move XSELinux to the builtin part of
Xext, and do its configuration from xf86ExtensionInit.

Signed-off-by: Daniel Stone <daniel at fooishbar.org>
---
 Xext/Makefile.am                    |    8 +++++---
 hw/xfree86/common/xf86Extensions.c  |   19 +++++++++++++++++++
 hw/xfree86/dixmods/extmod/modinit.c |   29 -----------------------------
 mi/miinitext.c                      |    3 +++
 4 files changed, 27 insertions(+), 32 deletions(-)

diff --git a/Xext/Makefile.am b/Xext/Makefile.am
index acbcc17..86d40e1 100644
--- a/Xext/Makefile.am
+++ b/Xext/Makefile.am
@@ -30,6 +30,7 @@ BUILTIN_SRCS =			\
 	syncsrv.h		\
 	xcmisc.c		\
 	xtest.c
+BUILTIN_LIBS =
 
 # Sources always included in libXextmodule.la & libXext.la. That's right, zero.
 MODULE_SRCS =
@@ -84,8 +85,8 @@ endif
 # requires X-ACE extension
 XSELINUX_SRCS = xselinux_ext.c xselinux_hooks.c xselinux_label.c xselinux.h xselinuxint.h
 if XSELINUX
-MODULE_SRCS += $(XSELINUX_SRCS)
-MODULE_LIBS += $(SELINUX_LIBS)
+BUILTIN_SRCS += $(XSELINUX_SRCS)
+BUILTIN_LIBS += $(SELINUX_LIBS)
 endif
 
 # Security extension: multi-level security to protect clients from each other
@@ -109,10 +110,11 @@ endif
 # Now take all of the above, mix well, bake for 10 minutes and get libXext*.la
 
 libXext_la_SOURCES =		$(BUILTIN_SRCS) $(MODULE_SRCS)
-libXext_la_LIBADD =		$(MODULE_LIBS)
+libXext_la_LIBADD =		$(BUILTIN_LIBS) $(MODULE_LIBS)
 
 if XORG
 libXextbuiltin_la_SOURCES =	$(BUILTIN_SRCS)
+libXextbuiltin_la_LIBADD = 	$(BUILTIN_LIBS)
 
 libXextmodule_la_SOURCES =	$(MODULE_SRCS)
 libXextmodule_la_LIBADD =	$(MODULE_LIBS)
diff --git a/hw/xfree86/common/xf86Extensions.c b/hw/xfree86/common/xf86Extensions.c
index b430d32..5b2f631 100644
--- a/hw/xfree86/common/xf86Extensions.c
+++ b/hw/xfree86/common/xf86Extensions.c
@@ -51,6 +51,25 @@ xf86ExtensionInit(void)
                 if (EnableDisableExtension(opt->opt_name + 4, FALSE))
                     xf86MarkOptionUsed(opt);
             }
+
+#ifdef XSELINUX
+            if (! strcmp(SELINUX_EXTENSION_NAME, extensionModules[i].name)) {
+                pointer o;
+
+                if ((o = xf86FindOption(modp->load_opt, "SELinux mode disabled"))) {
+                    xf86MarkOptionUsed(o);
+                    selinuxEnforcingState = SELINUX_MODE_DISABLED;
+                }
+                if ((o = xf86FindOption(modp->load_opt, "SELinux mode permissive"))) {
+                    xf86MarkOptionUsed(o);
+                    selinuxEnforcingState = SELINUX_MODE_PERMISSIVE;
+                }
+                if ((o = xf86FindOption(modp->load_opt, "SELinux mode enforcing"))) {
+                    xf86MarkOptionUsed(o);
+                    selinuxEnforcingState = SELINUX_MODE_ENFORCING;
+                }
+            }
+#endif
 	}
     }
 }
diff --git a/hw/xfree86/dixmods/extmod/modinit.c b/hw/xfree86/dixmods/extmod/modinit.c
index 3dfacf1..673dcd4 100644
--- a/hw/xfree86/dixmods/extmod/modinit.c
+++ b/hw/xfree86/dixmods/extmod/modinit.c
@@ -38,15 +38,6 @@ static MODULESETUPPROTO(extmodSetup);
  * Array describing extensions to be initialized
  */
 static ExtensionModule extensionModules[] = {
-#ifdef XSELINUX
-    {
-	SELinuxExtensionInit,
-	SELINUX_EXTENSION_NAME,
-	&noSELinuxExtension,
-	NULL,
-	NULL
-    },
-#endif
 #ifdef XF86VIDMODE
     {
 	XFree86VidModeExtensionInit,
@@ -114,26 +105,6 @@ extmodSetup(pointer module, pointer opts, int *errmaj, int *errmin)
 	    }
 	}
 
-#ifdef XSELINUX
-	if (! strcmp(SELINUX_EXTENSION_NAME, extensionModules[i].name)) {
-	    pointer o;
-	    selinuxEnforcingState = SELINUX_MODE_DEFAULT;
-
-	    if ((o = xf86FindOption(opts, "SELinux mode disabled"))) {
-		xf86MarkOptionUsed(o);
-		selinuxEnforcingState = SELINUX_MODE_DISABLED;
-	    }
-	    if ((o = xf86FindOption(opts, "SELinux mode permissive"))) {
-		xf86MarkOptionUsed(o);
-		selinuxEnforcingState = SELINUX_MODE_PERMISSIVE;
-	    }
-	    if ((o = xf86FindOption(opts, "SELinux mode enforcing"))) {
-		xf86MarkOptionUsed(o);
-		selinuxEnforcingState = SELINUX_MODE_ENFORCING;
-	    }
-	}
-#endif
-
 	LoadExtension(&extensionModules[i], FALSE);
     }
     /* Need a non-NULL return */
diff --git a/mi/miinitext.c b/mi/miinitext.c
index 9fb5ec8..2090c2d 100644
--- a/mi/miinitext.c
+++ b/mi/miinitext.c
@@ -542,6 +542,9 @@ static ExtensionModule staticExtensions[] = {
     { XvExtensionInit, XvName, &noXvExtension, NULL },
     { XvMCExtensionInit, XvMCName, &noXvExtension, NULL },
 #endif
+#ifdef XSELINUX
+    { SELinuxExtensionInit, SELINUX_EXTENSION_NAME, &noSELinuxExtension, NULL },
+#endif
     { NULL, NULL, NULL, NULL, NULL }
 };
     
-- 
1.7.5.4



More information about the xorg-devel mailing list