[PATCH 2/3] dix: more lookup function consolidation, macro removal
Eamon Walsh
ewalsh at tycho.nsa.gov
Mon Jan 29 17:04:42 PST 2007
Consolidates four resource lookup functions into dixLookupResource().
Signed-off-by: Eamon Walsh <ewalsh at tycho.nsa.gov>
---
dix/resource.c | 85 +++++++++++------------------------------------------
include/resource.h | 60 +++++++++++++++++++++++--------------
2 files changed, 55 insertions(+), 90 deletions(-)
---
diff --git a/dix/resource.c b/dix/resource.c
index 4468f45..ac4c320 100644
--- a/dix/resource.c
+++ b/dix/resource.c
@@ -875,81 +875,32 @@ LegalNewID(XID id, register ClientPtr client)
!LookupIDByClass(id, RC_ANY)));
}
-/* SecurityLookupIDByType and SecurityLookupIDByClass:
- * These are the heart of the resource ID security system. They take
- * two additional arguments compared to the old LookupID functions:
- * the client doing the lookup, and the access mode (see resource.h).
- * The resource is returned if it exists and the client is allowed access,
- * else NULL is returned.
- */
-
-_X_EXPORT pointer
-SecurityLookupIDByType(ClientPtr client, XID id, RESTYPE rtype, Mask mode)
+_X_EXPORT int
+dixLookupResource(pointer *result, XID id, RESTYPE rtype,
+ ClientPtr client, Mask mode)
{
- int cid;
- register ResourcePtr res;
- pointer retval = NULL;
+ int cid = CLIENT_ID(id);
+ int istype = rtype & (RC_LASTPREDEF - 1);
+ register ResourcePtr res;
+ pointer retval;
+ *result = NULL;
- if (((cid = CLIENT_ID(id)) < MAXCLIENTS) &&
- clientTable[cid].buckets)
- {
+ if ((cid < MAXCLIENTS) && clientTable[cid].buckets) {
res = clientTable[cid].resources[Hash(cid, id)];
for (; res; res = res->next)
- if ((res->id == id) && (res->type == rtype))
- {
+ if ((res->id == id) && ((istype && res->type == rtype) ||
+ (!istype && res->type & rtype))) {
retval = res->value;
break;
}
}
- if (retval && client &&
- !XaceHook(XACE_RESOURCE_ACCESS, client, id, rtype, mode, retval))
- retval = NULL;
-
- return retval;
-}
-
-
-_X_EXPORT pointer
-SecurityLookupIDByClass(ClientPtr client, XID id, RESTYPE classes, Mask mode)
-{
- int cid;
- register ResourcePtr res = NULL;
- pointer retval = NULL;
-
- if (((cid = CLIENT_ID(id)) < MAXCLIENTS) &&
- clientTable[cid].buckets)
- {
- res = clientTable[cid].resources[Hash(cid, id)];
-
- for (; res; res = res->next)
- if ((res->id == id) && (res->type & classes))
- {
- retval = res->value;
- break;
- }
+ if (retval && client) {
+ if (!XaceHook(XACE_RESOURCE_ACCESS, client, id, res->type, mode,
+ retval))
+ return BadAccess;
+ *result = retval;
+ return Success;
}
- if (retval && client &&
- !XaceHook(XACE_RESOURCE_ACCESS, client, id, res->type, mode, retval))
- retval = NULL;
-
- return retval;
-}
-
-/* We can't replace the LookupIDByType and LookupIDByClass functions with
- * macros because of compatibility with loadable servers.
- */
-
-_X_EXPORT pointer
-LookupIDByType(XID id, RESTYPE rtype)
-{
- return SecurityLookupIDByType(NullClient, id, rtype,
- DixUnknownAccess);
-}
-
-_X_EXPORT pointer
-LookupIDByClass(XID id, RESTYPE classes)
-{
- return SecurityLookupIDByClass(NullClient, id, classes,
- DixUnknownAccess);
+ return BadValue;
}
diff --git a/include/resource.h b/include/resource.h
index 3231e8c..bf16671 100644
--- a/include/resource.h
+++ b/include/resource.h
@@ -67,7 +67,7 @@ typedef unsigned long RESTYPE;
*/
#define RC_NEVERRETAIN ((RESTYPE)1<<29)
#define RC_LASTPREDEF RC_NEVERRETAIN
-#define RC_ANY (~(RESTYPE)0)
+#define RC_ANY (~(RESTYPE)(RC_LASTPREDEF-1))
/* types for Resource routines */
@@ -198,14 +198,6 @@ extern Bool LegalNewID(
XID /*id*/,
ClientPtr /*client*/);
-extern pointer LookupIDByType(
- XID /*id*/,
- RESTYPE /*rtype*/);
-
-extern pointer LookupIDByClass(
- XID /*id*/,
- RESTYPE /*classes*/);
-
extern pointer LookupClientResourceComplex(
ClientPtr client,
RESTYPE type,
@@ -213,7 +205,7 @@ extern pointer LookupClientResourceComplex(
pointer cdata);
/* These are the access modes that can be passed in the last parameter
- * to SecurityLookupIDByType/Class. The Security extension doesn't
+ * to dixLookupResource. The Security extension doesn't
* currently make much use of these; they're mainly provided as an
* example of what you might need for discretionary access control.
* You can or these values together to indicate multiple modes
@@ -223,21 +215,14 @@ extern pointer LookupClientResourceComplex(
#define DixUnknownAccess 0 /* don't know intentions */
#define DixReadAccess (1<<0) /* inspecting the object */
#define DixWriteAccess (1<<1) /* changing the object */
-#define DixReadWriteAccess (DixReadAccess|DixWriteAccess)
#define DixDestroyAccess (1<<2) /* destroying the object */
-extern pointer SecurityLookupIDByType(
- ClientPtr /*client*/,
- XID /*id*/,
- RESTYPE /*rtype*/,
- Mask /*access_mode*/);
-
-extern pointer SecurityLookupIDByClass(
- ClientPtr /*client*/,
- XID /*id*/,
- RESTYPE /*classes*/,
- Mask /*access_mode*/);
-
+extern int dixLookupResource(
+ pointer *result,
+ XID id,
+ RESTYPE rtype,
+ ClientPtr client,
+ Mask access_mode);
extern void GetXIDRange(
int /*client*/,
@@ -258,5 +243,34 @@ extern Atom *ResourceNames;
void RegisterResourceName(RESTYPE type, char* name);
#endif
+/*
+ * These are deprecated compatibility functions and will be removed soon!
+ * Please use the noted replacements instead.
+ */
+
+/* replaced by dixLookupResource */
+extern _X_DEPRECATED pointer SecurityLookupIDByType(
+ ClientPtr client,
+ XID id,
+ RESTYPE rtype,
+ Mask access_mode);
+
+/* replaced by dixLookupResource */
+extern _X_DEPRECATED pointer SecurityLookupIDByClass(
+ ClientPtr client,
+ XID id,
+ RESTYPE classes,
+ Mask access_mode);
+
+/* replaced by dixLookupResource */
+extern _X_DEPRECATED pointer LookupIDByType(
+ XID id,
+ RESTYPE rtype);
+
+/* replaced by dixLookupResource */
+extern _X_DEPRECATED pointer LookupIDByClass(
+ XID id,
+ RESTYPE classes);
+
#endif /* RESOURCE_H */
--
Eamon Walsh <ewalsh at tycho.nsa.gov>
National Security Agency
More information about the xorg
mailing list