SwallowOS/xserver_xsdl
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity

Merge branch 'master' into mpx

Browse Source 
This merge reverts Magnus' device coorindate scaling changes. MPX core event
generation is very different, so we can't scale in GetPointerEvents.

Conflicts:

	Xi/opendev.c
	dix/devices.c
	dix/dixfonts.c
	dix/getevents.c
	dix/resource.c
	dix/window.c
	hw/xfree86/common/xf86Xinput.c
	mi/mipointer.c
	xkb/ddxBeep.c
	xkb/ddxCtrls.c
	xkb/ddxKeyClick.c
	xkb/ddxList.c
	xkb/ddxLoad.c
	xkb/xkb.c
	xkb/xkbAccessX.c
	xkb/xkbEvents.c
	xkb/xkbInit.c
	xkb/xkbPrKeyEv.c
	xkb/xkbUtils.c
This commit is contained in:
Peter Hutterer
2008-03-04 18:11:10 +10:30
parent 23ae68a4c7 453661a9e1
commit 4f2cd0ed96
170 changed files with 8242 additions and 19606 deletions
Download Patch File Download Diff File Expand all files Collapse all files

262
Xext/panoramiX.c
View File

@@ -81,9 +81,6 @@ static DepthPtr PanoramiXDepths;
static int PanoramiXNumVisuals;
static VisualPtr PanoramiXVisuals;
/* We support at most 256 visuals */
_X_EXPORT XID *PanoramiXVisualTable = NULL;
_X_EXPORT unsigned long XRC_DRAWABLE;
_X_EXPORT unsigned long XRT_WINDOW;
_X_EXPORT unsigned long XRT_PIXMAP;
@@ -463,10 +460,8 @@ void PanoramiXExtensionInit(int argc, char *argv[])
ProcPanoramiXDispatch,
SProcPanoramiXDispatch, PanoramiXResetProc,
StandardMinorOpcode);
if (!extEntry) {
ErrorF("PanoramiXExtensionInit(): failed to AddExtension\n");
if (!extEntry)
break;
}
/*
* First make sure all the basic allocations succeed. If not,
@@ -514,7 +509,7 @@ void PanoramiXExtensionInit(int argc, char *argv[])
if (!success) {
noPanoramiXExtension = TRUE;
ErrorF("%s Extension failed to initialize\n", PANORAMIX_PROTOCOL_NAME);
ErrorF(PANORAMIX_PROTOCOL_NAME " extension failed to initialize\n");
return;
}
@@ -604,14 +599,14 @@ Bool PanoramiXCreateConnectionBlock(void)
*/
if(!PanoramiXNumDepths) {
ErrorF("PanoramiX error: Incompatible screens. No common visuals\n");
ErrorF("Xinerama error: No common visuals\n");
return FALSE;
}
for(i = 1; i < screenInfo.numScreens; i++) {
pScreen = screenInfo.screens[i];
if(pScreen->rootDepth != screenInfo.screens[0]->rootDepth) {
ErrorF("PanoramiX error: Incompatible screens. Root window depths differ\n");
ErrorF("Xinerama error: Root window depths differ\n");
return FALSE;
}
if(pScreen->backingStoreSupport != screenInfo.screens[0]->backingStoreSupport)
@@ -704,143 +699,133 @@ Bool PanoramiXCreateConnectionBlock(void)
return TRUE;
}
extern
void PanoramiXConsolidate(void)
/*
* This isn't just memcmp(), bitsPerRGBValue is skipped. markv made that
* change way back before xf86 4.0, but the comment for _why_ is a bit
* opaque, so I'm not going to question it for now.
*
* This is probably better done as a screen hook so DBE/EVI/GLX can add
* their own tests, and adding privates to VisualRec so they don't have to
* do their own back-mapping.
*/
static Bool
VisualsEqual(VisualPtr a, VisualPtr b)
{
int i, j, k;
VisualPtr pVisual, pVisual2;
ScreenPtr pScreen, pScreen2;
DepthPtr pDepth, pDepth2;
PanoramiXRes *root, *defmap, *saver;
Bool foundDepth, missingDepth;
return ((a->class == b->class) &&
(a->ColormapEntries == b->ColormapEntries) &&
(a->nplanes == b->nplanes) &&
(a->redMask == b->redMask) &&
(a->greenMask == b->greenMask) &&
(a->blueMask == b->blueMask) &&
(a->offsetRed == b->offsetRed) &&
(a->offsetGreen == b->offsetGreen) &&
(a->offsetBlue == b->offsetBlue));
}
if(!PanoramiXVisualTable)
PanoramiXVisualTable = xcalloc(256 * MAXSCREENS, sizeof(XID));
static void
PanoramiXMaybeAddDepth(DepthPtr pDepth)
{
ScreenPtr pScreen;
int j, k;
Bool found = FALSE;
pScreen = screenInfo.screens[0];
pVisual = pScreen->visuals;
pDepth = pScreen->allowedDepths;
PanoramiXNumDepths = 0;
PanoramiXDepths = xcalloc(pScreen->numDepths,sizeof(DepthRec));
PanoramiXNumVisuals = 0;
PanoramiXVisuals = xcalloc(pScreen->numVisuals,sizeof(VisualRec));
for (i = 0; i < pScreen->numDepths; i++, pDepth++) {
missingDepth = FALSE;
for (j = 1; j < PanoramiXNumScreens; j++) {
pScreen2 = screenInfo.screens[j];
pDepth2 = pScreen2->allowedDepths;
foundDepth = FALSE;
for (k = 0; k < pScreen2->numDepths; k++, pDepth2++) {
if(pDepth2->depth == pDepth->depth) {
foundDepth = TRUE;
break;
}
}
if(!foundDepth) {
missingDepth = TRUE;
break;
}
}
if(!missingDepth) {
PanoramiXDepths[PanoramiXNumDepths].depth = pDepth->depth;
PanoramiXDepths[PanoramiXNumDepths].numVids = 0;
if(pDepth->numVids)
PanoramiXDepths[PanoramiXNumDepths].vids =
xalloc(sizeof(VisualID) * pDepth->numVids);
else
PanoramiXDepths[PanoramiXNumDepths].vids = NULL;
PanoramiXNumDepths++;
}
for (j = 1; j < PanoramiXNumScreens; j++) {
pScreen = screenInfo.screens[j];
for (k = 0; k < pScreen->numDepths; k++) {
if (pScreen->allowedDepths[k].depth == pDepth->depth) {
found = TRUE;
break;
}
}
}
for (i = 0; i < pScreen->numVisuals; i++, pVisual++) {
PanoramiXVisualTable[pVisual->vid * MAXSCREENS] = pVisual->vid;
if (!found)
return;
/* check if the visual exists on all screens */
for (j = 1; j < PanoramiXNumScreens; j++) {
pScreen2 = screenInfo.screens[j];
j = PanoramiXNumDepths;
PanoramiXNumDepths++;
PanoramiXDepths = xrealloc(PanoramiXDepths,
PanoramiXNumDepths * sizeof(DepthRec));
PanoramiXDepths[j].depth = pDepth->depth;
PanoramiXDepths[j].numVids = 0;
/* XXX suboptimal, should grow these dynamically */
if(pDepth->numVids)
PanoramiXDepths[j].vids = xalloc(sizeof(VisualID) * pDepth->numVids);
else
PanoramiXDepths[j].vids = NULL;
}
static void
PanoramiXMaybeAddVisual(VisualPtr pVisual)
{
ScreenPtr pScreen;
VisualPtr candidate = NULL;
int j, k;
Bool found = FALSE;
for (j = 1; j < PanoramiXNumScreens; j++) {
pScreen = screenInfo.screens[j];
found = FALSE;
candidate = pScreen->visuals;
for (k = 0; k < pScreen->numVisuals; k++) {
candidate++;
if (VisualsEqual(pVisual, candidate)
#ifdef GLXPROXY
pVisual2 = glxMatchVisual(pScreen, pVisual, pScreen2);
if (pVisual2) {
PanoramiXVisualTable[(pVisual->vid * MAXSCREENS) + j] =
pVisual2->vid;
continue;
} else if (glxMatchVisual(pScreen, pVisual, pScreen)) {
PanoramiXVisualTable[(pVisual->vid * MAXSCREENS) + j] = 0;
break;
}
&& glxMatchVisual(screenInfo.screens[0], pVisual, pScreen)
#endif
pVisual2 = pScreen2->visuals;
for (k = 0; k < pScreen2->numVisuals; k++, pVisual2++) {
if ((pVisual->class == pVisual2->class) &&
(pVisual->ColormapEntries == pVisual2->ColormapEntries) &&
(pVisual->nplanes == pVisual2->nplanes) &&
(pVisual->redMask == pVisual2->redMask) &&
(pVisual->greenMask == pVisual2->greenMask) &&
(pVisual->blueMask == pVisual2->blueMask) &&
(pVisual->offsetRed == pVisual2->offsetRed) &&
(pVisual->offsetGreen == pVisual2->offsetGreen) &&
(pVisual->offsetBlue == pVisual2->offsetBlue))
{
/* We merely assign the first visual that matches. OpenGL
will need to get involved at some point if you want
match GLX visuals */
PanoramiXVisualTable[(pVisual->vid * MAXSCREENS) + j] =
pVisual2->vid;
break;
}
}
}
/* if it doesn't exist on all screens we can't use it */
for (j = 0; j < PanoramiXNumScreens; j++) {
if (!PanoramiXVisualTable[(pVisual->vid * MAXSCREENS) + j]) {
PanoramiXVisualTable[pVisual->vid * MAXSCREENS] = 0;
) {
found = TRUE;
break;
}
}
/* if it does, make sure it's in the list of supported depths and visuals */
if(PanoramiXVisualTable[pVisual->vid * MAXSCREENS]) {
PanoramiXVisuals[PanoramiXNumVisuals].vid = pVisual->vid;
PanoramiXVisuals[PanoramiXNumVisuals].class = pVisual->class;
PanoramiXVisuals[PanoramiXNumVisuals].bitsPerRGBValue = pVisual->bitsPerRGBValue;
PanoramiXVisuals[PanoramiXNumVisuals].ColormapEntries = pVisual->ColormapEntries;
PanoramiXVisuals[PanoramiXNumVisuals].nplanes = pVisual->nplanes;
PanoramiXVisuals[PanoramiXNumVisuals].redMask = pVisual->redMask;
PanoramiXVisuals[PanoramiXNumVisuals].greenMask = pVisual->greenMask;
PanoramiXVisuals[PanoramiXNumVisuals].blueMask = pVisual->blueMask;
PanoramiXVisuals[PanoramiXNumVisuals].offsetRed = pVisual->offsetRed;
PanoramiXVisuals[PanoramiXNumVisuals].offsetGreen = pVisual->offsetGreen;
PanoramiXVisuals[PanoramiXNumVisuals].offsetBlue = pVisual->offsetBlue;
PanoramiXNumVisuals++;
if (!found)
return;
}
for (j = 0; j < PanoramiXNumDepths; j++) {
if (PanoramiXDepths[j].depth == pVisual->nplanes) {
PanoramiXDepths[j].vids[PanoramiXDepths[j].numVids] = pVisual->vid;
PanoramiXDepths[j].numVids++;
break;
}
}
}
}
/* found a matching visual on all screens, add it to the subset list */
j = PanoramiXNumVisuals;
PanoramiXNumVisuals++;
PanoramiXVisuals = xrealloc(PanoramiXVisuals,
PanoramiXNumVisuals * sizeof(VisualRec));
memcpy(&PanoramiXVisuals[j], pVisual, sizeof(VisualRec));
root = (PanoramiXRes *) xalloc(sizeof(PanoramiXRes));
for (k = 0; k < PanoramiXNumDepths; k++) {
if (PanoramiXDepths[k].depth == pVisual->nplanes) {
PanoramiXDepths[k].vids[PanoramiXDepths[k].numVids] = pVisual->vid;
PanoramiXDepths[k].numVids++;
break;
}
}
}
extern void
PanoramiXConsolidate(void)
{
int i;
PanoramiXRes *root, *defmap, *saver;
ScreenPtr pScreen = screenInfo.screens[0];
DepthPtr pDepth = pScreen->allowedDepths;
VisualPtr pVisual = pScreen->visuals;
PanoramiXNumDepths = 0;
PanoramiXNumVisuals = 0;
for (i = 0; i < pScreen->numDepths; i++)
PanoramiXMaybeAddDepth(pDepth++);
for (i = 0; i < pScreen->numVisuals; i++)
PanoramiXMaybeAddVisual(pVisual++);
root = xalloc(sizeof(PanoramiXRes));
root->type = XRT_WINDOW;
defmap = (PanoramiXRes *) xalloc(sizeof(PanoramiXRes));
defmap = xalloc(sizeof(PanoramiXRes));
defmap->type = XRT_COLORMAP;
saver = (PanoramiXRes *) xalloc(sizeof(PanoramiXRes));
saver = xalloc(sizeof(PanoramiXRes));
saver->type = XRT_WINDOW;
for (i = 0; i < PanoramiXNumScreens; i++) {
root->info[i].id = WindowTable[i]->drawable.id;
root->u.win.class = InputOutput;
@@ -856,6 +841,31 @@ void PanoramiXConsolidate(void)
AddResource(defmap->info[0].id, XRT_COLORMAP, defmap);
}
_X_EXPORT VisualID
PanoramiXTranslateVisualID(int screen, VisualID orig)
{
VisualPtr pVisual = NULL;
int i, j;
for (i = 0; i < PanoramiXNumVisuals; i++) {
if (orig == PanoramiXVisuals[i].vid) {
pVisual = &PanoramiXVisuals[i];
break;
}
}
if (!pVisual)
return 0;
/* found the original, now translate it relative to the backend screen */
for (i = 0; i < PanoramiXNumScreens; i++)
for (j = 0; j < screenInfo.screens[i]->numVisuals; j++)
if (VisualsEqual(pVisual, &screenInfo.screens[i]->visuals[j]))
return screenInfo.screens[i]->visuals[j].vid;
return 0;
}
/*
* PanoramiXResetProc()

7
Xext/panoramiXprocs.c
View File

@@ -150,7 +150,7 @@ int PanoramiXCreateWindow(ClientPtr client)
if (cmap)
*((CARD32 *) &stuff[1] + cmap_offset) = cmap->info[j].id;
if ( orig_visual != CopyFromParent )
stuff->visual = PanoramiXVisualTable[(orig_visual*MAXSCREENS) + j];
stuff->visual = PanoramiXTranslateVisualID(j, orig_visual);
result = (*SavedProcVector[X_CreateWindow])(client);
if(result != Success) break;
}
@@ -2077,9 +2077,6 @@ int PanoramiXCreateColormap(ClientPtr client)
client, stuff->window, XRT_WINDOW, DixReadAccess)))
return BadWindow;
if(!stuff->visual || (stuff->visual > 255))
return BadValue;
if(!(newCmap = (PanoramiXRes *) xalloc(sizeof(PanoramiXRes))))
return BadAlloc;
@@ -2092,7 +2089,7 @@ int PanoramiXCreateColormap(ClientPtr client)
FOR_NSCREENS_BACKWARD(j){
stuff->mid = newCmap->info[j].id;
stuff->window = win->info[j].id;
stuff->visual = PanoramiXVisualTable[(orig_visual * MAXSCREENS) + j];
stuff->visual = PanoramiXTranslateVisualID(j, orig_visual);
result = (* SavedProcVector[X_CreateColormap])(client);
if(result != Success) break;
}

2
Xext/panoramiXsrv.h
View File

@@ -12,8 +12,8 @@ extern int PanoramiXNumScreens;
extern PanoramiXData *panoramiXdataPtr;
extern int PanoramiXPixWidth;
extern int PanoramiXPixHeight;
extern XID *PanoramiXVisualTable;
extern VisualID PanoramiXTranslateVisualID(int screen, VisualID orig);
extern void PanoramiXConsolidate(void);
extern Bool PanoramiXCreateConnectionBlock(void);
extern PanoramiXRes * PanoramiXFindIDByScrnum(RESTYPE, XID, int);

3
Xext/saver.c
View File

@@ -1346,8 +1346,7 @@ ProcScreenSaverSetAttributes (ClientPtr client)
*((CARD32 *) &stuff[1] + cmap_offset) = cmap->info[i].id;
if (orig_visual != CopyFromParent)
stuff->visualID =
PanoramiXVisualTable[(orig_visual*MAXSCREENS) + i];
stuff->visualID = PanoramiXTranslateVisualID(i, orig_visual);
status = ScreenSaverSetAttributes(client);
}

54
Xext/security.c
View File

@@ -29,6 +29,9 @@ in this Software without prior written authorization from The Open Group.
#endif
#include "scrnintstr.h"
#include "inputstr.h"
#include "windowstr.h"
#include "propertyst.h"
#include "colormapst.h"
#include "privates.h"
#include "registry.h"
@@ -67,10 +70,19 @@ static char *SecurityUntrustedExtensions[] = {
NULL
};
/* Access modes that untrusted clients can do to trusted stuff */
static const Mask SecurityAllowedMask =
DixGetAttrAccess | DixListPropAccess | DixGetPropAccess |
DixGetFocusAccess | DixListAccess | DixReceiveAccess;
/*
* Access modes that untrusted clients are allowed on trusted objects.
*/
static const Mask SecurityResourceMask =
DixGetAttrAccess | DixReceiveAccess | DixListPropAccess |
DixGetPropAccess | DixListAccess;
static const Mask SecurityRootWindowExtraMask =
DixReceiveAccess | DixSendAccess | DixAddAccess | DixRemoveAccess;
static const Mask SecurityDeviceMask =
DixGetAttrAccess | DixReceiveAccess | DixGetFocusAccess |
DixGrabAccess | DixSetAttrAccess | DixUseAccess;
static const Mask SecurityServerMask = DixGetAttrAccess | DixGrabAccess;
static const Mask SecurityClientMask = DixGetAttrAccess;
/* SecurityAudit
@@ -748,11 +760,15 @@ SecurityDevice(CallbackListPtr *pcbl, pointer unused, pointer calldata)
XaceDeviceAccessRec *rec = calldata;
SecurityStateRec *subj, *obj;
Mask requested = rec->access_mode;
Mask allowed = SecurityAllowedMask;
Mask allowed = SecurityDeviceMask;
subj = dixLookupPrivate(&rec->client->devPrivates, stateKey);
obj = dixLookupPrivate(&serverClient->devPrivates, stateKey);
if (rec->dev != inputInfo.keyboard)
/* this extension only supports the core keyboard */
allowed = requested;
if (SecurityDoCheck(subj, obj, requested, allowed) != Success) {
SecurityAudit("Security denied client %d keyboard access on request "
"%s\n", rec->client->index,
@@ -789,20 +805,29 @@ SecurityResource(CallbackListPtr *pcbl, pointer unused, pointer calldata)
SecurityStateRec *subj, *obj;
int cid = CLIENT_ID(rec->id);
Mask requested = rec->access_mode;
Mask allowed = SecurityAllowedMask;
Mask allowed = SecurityResourceMask;
subj = dixLookupPrivate(&rec->client->devPrivates, stateKey);
obj = dixLookupPrivate(&clients[cid]->devPrivates, stateKey);
/* disable background None for untrusted windows */
if ((requested & DixCreateAccess) && (rec->rtype == RT_WINDOW))
if (subj->haveState && subj->trustLevel != XSecurityClientTrusted)
((WindowPtr)rec->res)->forcedBG = TRUE;
/* special checks for server-owned resources */
if (cid == 0) {
if (rec->rtype & RC_DRAWABLE)
/* additional operations allowed on root windows */
allowed |= DixReadAccess|DixSendAccess;
allowed |= SecurityRootWindowExtraMask;
else if (rec->rtype == RT_COLORMAP)
/* allow access to default colormaps */
allowed = requested;
else
/* allow read access to other server-owned resources */
allowed |= DixReadAccess;
}
if (SecurityDoCheck(subj, obj, requested, allowed) == Success)
@@ -813,9 +838,10 @@ SecurityResource(CallbackListPtr *pcbl, pointer unused, pointer calldata)
return;
#endif
SecurityAudit("Security: denied client %d access to resource 0x%x "
"of client %d on request %s\n", rec->client->index, rec->id,
cid, SecurityLookupRequestName(rec->client));
SecurityAudit("Security: denied client %d access %x to resource 0x%x "
"of client %d on request %s\n", rec->client->index,
requested, rec->id, cid,
SecurityLookupRequestName(rec->client));
rec->status = BadAccess; /* deny access */
}
@@ -847,7 +873,7 @@ SecurityServer(CallbackListPtr *pcbl, pointer unused, pointer calldata)
XaceServerAccessRec *rec = calldata;
SecurityStateRec *subj, *obj;
Mask requested = rec->access_mode;
Mask allowed = SecurityAllowedMask;
Mask allowed = SecurityServerMask;
subj = dixLookupPrivate(&rec->client->devPrivates, stateKey);
obj = dixLookupPrivate(&serverClient->devPrivates, stateKey);
@@ -866,7 +892,7 @@ SecurityClient(CallbackListPtr *pcbl, pointer unused, pointer calldata)
XaceClientAccessRec *rec = calldata;
SecurityStateRec *subj, *obj;
Mask requested = rec->access_mode;
Mask allowed = SecurityAllowedMask;
Mask allowed = SecurityClientMask;
subj = dixLookupPrivate(&rec->client->devPrivates, stateKey);
obj = dixLookupPrivate(&rec->target->devPrivates, stateKey);
@@ -886,7 +912,7 @@ SecurityProperty(CallbackListPtr *pcbl, pointer unused, pointer calldata)
SecurityStateRec *subj, *obj;
ATOM name = rec->pProp->propertyName;
Mask requested = rec->access_mode;
Mask allowed = SecurityAllowedMask | DixReadAccess;
Mask allowed = SecurityResourceMask | DixReadAccess;
subj = dixLookupPrivate(&rec->client->devPrivates, stateKey);
obj = dixLookupPrivate(&wClient(rec->pWin)->devPrivates, stateKey);
@@ -1079,6 +1105,8 @@ SecurityExtensionInit(INITARGS)
return;
RTEventClient |= RC_NEVERRETAIN;
RegisterResourceName(SecurityAuthorizationResType, "SecurityAuthorization");
RegisterResourceName(RTEventClient, "SecurityEventClient");
/* Allocate the private storage */
if (!dixRequestPrivate(stateKey, sizeof(SecurityStateRec)))

42
Xext/xace.c
View File

@@ -23,6 +23,10 @@ CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE SOFTWARE.
#include <stdarg.h>
#include "scrnintstr.h"
#include "extnsionst.h"
#include "pixmapstr.h"
#include "regionstr.h"
#include "gcstruct.h"
#include "xacestr.h"
CallbackListPtr XaceHooks[XACE_NUM_HOOKS] = {0};
@@ -51,6 +55,21 @@ int XaceHookDispatch(ClientPtr client, int major)
}
}
int XaceHookPropertyAccess(ClientPtr client, WindowPtr pWin,
PropertyPtr pProp, Mask access_mode)
{
XacePropertyAccessRec rec = { client, pWin, pProp, access_mode, Success };
CallCallbacks(&XaceHooks[XACE_PROPERTY_ACCESS], &rec);
return rec.status;
}
int XaceHookSelectionAccess(ClientPtr client, Atom name, Mask access_mode)
{
XaceSelectionAccessRec rec = { client, name, access_mode, Success };
CallCallbacks(&XaceHooks[XACE_SELECTION_ACCESS], &rec);
return rec.status;
}
void XaceHookAuditEnd(ClientPtr ptr, int result)
{
XaceAuditRec rec = { ptr, result };
@@ -100,18 +119,6 @@ int XaceHook(int hook, ...)
prv = &rec.status;
break;
}
case XACE_PROPERTY_ACCESS: {
XacePropertyAccessRec rec = {
va_arg(ap, ClientPtr),
va_arg(ap, WindowPtr),
va_arg(ap, PropertyPtr),
va_arg(ap, Mask),
Success /* default allow */
};
calldata = &rec;
prv = &rec.status;
break;
}
case XACE_SEND_ACCESS: {
XaceSendAccessRec rec = {
va_arg(ap, ClientPtr),
@@ -169,17 +176,6 @@ int XaceHook(int hook, ...)
prv = &rec.status;
break;
}
case XACE_SELECTION_ACCESS: {
XaceSelectionAccessRec rec = {
va_arg(ap, ClientPtr),
va_arg(ap, Atom),
va_arg(ap, Mask),
Success /* default allow */
};
calldata = &rec;
prv = &rec.status;
break;
}
case XACE_SCREEN_ACCESS:
case XACE_SCREENSAVER_ACCESS: {
XaceScreenAccessRec rec = {

18
Xext/xace.h
View File

@@ -25,11 +25,13 @@ CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE SOFTWARE.
#define XACE_MAJOR_VERSION 2
#define XACE_MINOR_VERSION 0
#include "pixmap.h" /* for DrawablePtr */
#include "regionstr.h" /* for RegionPtr */
#include "pixmap.h"
#include "region.h"
#include "window.h"
#include "property.h"
/* Default window background */
#define XaceBackgroundNoneState None
#define XaceBackgroundNoneState(w) ((w)->forcedBG ? BackgroundPixel : None)
/* security hooks */
/* Constants used to identify the available security hooks
@@ -65,6 +67,10 @@ extern int XaceHook(
/* Special-cased hook functions
*/
extern int XaceHookDispatch(ClientPtr ptr, int major);
extern int XaceHookPropertyAccess(ClientPtr ptr, WindowPtr pWin,
PropertyPtr pProp, Mask access_mode);
extern int XaceHookSelectionAccess(ClientPtr ptr, Atom name,
Mask access_mode);
extern void XaceHookAuditEnd(ClientPtr ptr, int result);
/* Register a callback for a given hook.
@@ -94,18 +100,22 @@ extern void XaceCensorImage(
#else /* XACE */
/* Default window background */
#define XaceBackgroundNoneState None
#define XaceBackgroundNoneState(w) None
/* Define calls away when XACE is not being built. */
#ifdef __GNUC__
#define XaceHook(args...) Success
#define XaceHookDispatch(args...) Success
#define XaceHookPropertyAccess(args...) Success
#define XaceHookSelectionAccess(args...) Success
#define XaceHookAuditEnd(args...) { ; }
#define XaceCensorImage(args...) { ; }
#else
#define XaceHook(...) Success
#define XaceHookDispatch(...) Success
#define XaceHookPropertyAccess(...) Success
#define XaceHookSelectionAccess(...) Success
#define XaceHookAuditEnd(...) { ; }
#define XaceCensorImage(...) { ; }
#endif

9
Xext/xacestr.h
View File

@@ -20,13 +20,12 @@ CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE SOFTWARE.
#ifndef _XACESTR_H
#define _XACESTR_H
#include "dixstruct.h"
#include "dix.h"
#include "resource.h"
#include "extnsionst.h"
#include "gcstruct.h"
#include "windowstr.h"
#include "inputstr.h"
#include "propertyst.h"
#include "window.h"
#include "input.h"
#include "property.h"
#include "selection.h"
#include "xace.h"

8
Xext/xf86bigfont.c
View File

@@ -236,15 +236,15 @@ shmalloc(
size = (size + pagesize-1) & -pagesize;
shmid = shmget(IPC_PRIVATE, size, S_IWUSR | S_IRUSR | S_IRGRP | S_IROTH);
if (shmid == -1) {
ErrorF(XF86BIGFONTNAME " extension: shmget() failed, size = %u, errno = %d\n",
size, errno);
ErrorF(XF86BIGFONTNAME " extension: shmget() failed, size = %u, %s\n",
size, strerror(errno));
xfree(pDesc);
return (ShmDescPtr) NULL;
}
if ((addr = shmat(shmid, 0, 0)) == (char *)-1) {
ErrorF(XF86BIGFONTNAME " extension: shmat() failed, size = %u, errno = %d\n",
size, errno);
ErrorF(XF86BIGFONTNAME " extension: shmat() failed, size = %u, %s\n",
size, strerror(errno));
shmctl(shmid, IPC_RMID, (void *) 0);
xfree(pDesc);
return (ShmDescPtr) NULL;

360
Xext/xselinux.c
View File

@@ -22,21 +22,28 @@ CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE SOFTWARE.
* All rights reserved.
*/
#ifdef HAVE_DIX_CONFIG_H
#include <dix-config.h>
#endif
#include <sys/socket.h>
#include <stdio.h>
#include <stdarg.h>
#include <selinux/selinux.h>
#include <selinux/label.h>
#include <selinux/avc.h>
#include <libaudit.h>
#ifdef HAVE_DIX_CONFIG_H
#include <dix-config.h>
#endif
#include <X11/Xatom.h>
#include "resource.h"
#include "privates.h"
#include "registry.h"
#include "dixstruct.h"
#include "inputstr.h"
#include "windowstr.h"
#include "propertyst.h"
#include "extnsionst.h"
#include "scrnintstr.h"
#include "selection.h"
@@ -46,8 +53,6 @@ CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE SOFTWARE.
#define TRANS_SERVER
#include <X11/Xtrans/Xtrans.h>
#include "../os/osdep.h"
#include <stdio.h>
#include <stdarg.h>
#include "modinit.h"
@@ -56,7 +61,8 @@ CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE SOFTWARE.
*/
/* private state record */
static DevPrivateKey stateKey = &stateKey;
static DevPrivateKey subjectKey = &subjectKey;
static DevPrivateKey objectKey = &objectKey;
/* This is what we store for security state */
typedef struct {
@@ -64,7 +70,12 @@ typedef struct {
struct avc_entry_ref aeref;
char *command;
int privileged;
} SELinuxStateRec;
} SELinuxSubjectRec;
typedef struct {
security_id_t sid;
int poly;
} SELinuxObjectRec;
/* selection manager */
typedef struct {
@@ -81,6 +92,7 @@ static int audit_fd;
/* structure passed to auditing callback */
typedef struct {
ClientPtr client; /* client */
DeviceIntPtr dev; /* device */
char *command; /* client's executable path */
unsigned id; /* resource id, if any */
int restype; /* resource type, if any */
@@ -122,11 +134,11 @@ static struct security_class_mapping map[] = {
{ "x_gc", { "", "", "destroy", "create", "getattr", "setattr", "", "", "", "", "", "", "", "", "", "", "", "", "", "", "", "", "", "", "use", NULL }},
{ "x_font", { "", "", "destroy", "create", "getattr", "", "", "", "", "", "", "", "add_glyph", "remove_glyph", "", "", "", "", "", "", "", "", "", "", "use", NULL }},
{ "x_colormap", { "read", "write", "destroy", "create", "getattr", "", "", "", "", "", "", "", "add_color", "remove_color", "", "", "", "", "", "", "install", "uninstall", "", "", "use", NULL }},
{ "x_property", { "read", "write", "destroy", "create", NULL }},
{ "x_property", { "read", "write", "destroy", "create", "getattr", "setattr", NULL }},
{ "x_selection", { "read", "", "", "", "getattr", "setattr", NULL }},
{ "x_cursor", { "read", "write", "destroy", "create", "getattr", "setattr", "", "", "", "", "", "", "", "", "", "", "", "", "", "", "", "", "", "", "use", NULL }},
{ "x_client", { "", "", "destroy", "", "getattr", "setattr", "", "", "", "", "", "", "", "", "", "", "", "", "", "", "", "", "", "", "", "manage", NULL }},
{ "x_device", { "read", "write", "", "", "getattr", "setattr", "", "", "", "getfocus", "setfocus", "", "", "", "", "", "", "grab", "freeze", "force_cursor", "", "", "", "", "", "manage", "", "bell", NULL }},
{ "x_device", { "read", "write", "", "", "getattr", "setattr", "", "", "", "getfocus", "setfocus", "", "", "", "", "", "", "grab", "freeze", "force_cursor", "", "", "", "", "use", "manage", "", "bell", NULL }},
{ "x_server", { "record", "", "", "", "getattr", "setattr", "", "", "", "", "", "", "", "", "", "", "", "grab", "", "", "", "", "", "", "", "manage", "debug", NULL }},
{ "x_extension", { "", "", "", "", "query", "", "", "", "", "", "", "", "", "", "", "", "", "", "", "", "", "", "", "", "use", NULL }},
{ "x_event", { "", "", "", "", "", "", "", "", "", "", "", "", "", "", "", "", "", "", "", "", "", "", "send", "receive", NULL }},
@@ -150,7 +162,7 @@ static pointer truep = (pointer)1;
* Looks up the SID corresponding to the given selection atom
*/
static int
SELinuxSelectionToSID(Atom selection, SELinuxStateRec *sid_return)
SELinuxSelectionToSID(Atom selection, SELinuxObjectRec *sid_return)
{
const char *name;
unsigned i, size;
@@ -197,7 +209,7 @@ SELinuxSelectionToSID(Atom selection, SELinuxStateRec *sid_return)
*/
static int
SELinuxEventToSID(unsigned type, security_id_t sid_of_window,
SELinuxStateRec *sid_return)
SELinuxObjectRec *sid_return)
{
const char *name = LookupEventName(type);
security_context_t con;
@@ -288,7 +300,7 @@ SELinuxTypeToClass(RESTYPE type)
* Performs an SELinux permission check.
*/
static int
SELinuxDoCheck(SELinuxStateRec *subj, SELinuxStateRec *obj,
SELinuxDoCheck(SELinuxSubjectRec *subj, SELinuxObjectRec *obj,
security_class_t class, Mask mode, SELinuxAuditRec *auditdata)
{
/* serverClient requests OK */
@@ -300,9 +312,11 @@ SELinuxDoCheck(SELinuxStateRec *subj, SELinuxStateRec *obj,
if (avc_has_perm(subj->sid, obj->sid, class, mode, &subj->aeref,
auditdata) < 0) {
if (mode == DixUnknownAccess)
return Success; /* DixUnknownAccess requests OK ... for now */
if (errno == EACCES)
return BadAccess;
ErrorF("ServerPerm: unexpected error %d\n", errno);
ErrorF("SELinux: avc_has_perm: unexpected error %d\n", errno);
return BadValue;
}
@@ -316,11 +330,14 @@ static void
SELinuxLabelClient(ClientPtr client)
{
XtransConnInfo ci = ((OsCommPtr)client->osPrivate)->trans_conn;
SELinuxStateRec *state;
SELinuxSubjectRec *subj;
SELinuxObjectRec *obj;
security_context_t ctx;
state = dixLookupPrivate(&client->devPrivates, stateKey);
sidput(state->sid);
subj = dixLookupPrivate(&client->devPrivates, subjectKey);
sidput(subj->sid);
obj = dixLookupPrivate(&client->devPrivates, objectKey);
sidput(obj->sid);
if (_XSERVTransIsLocal(ci)) {
int fd = _XSERVTransGetConnectionNumber(ci);
@@ -331,7 +348,7 @@ SELinuxLabelClient(ClientPtr client)
/* For local clients, can get context from the socket */
if (getpeercon(fd, &ctx) < 0)
FatalError("Client %d: couldn't get context from socket\n",
FatalError("SELinux: client %d: couldn't get context from socket\n",
client->index);
/* Try and determine the client's executable name */
@@ -349,24 +366,25 @@ SELinuxLabelClient(ClientPtr client)
if (bytes <= 0)
goto finish;
state->command = xalloc(bytes);
if (!state->command)
subj->command = xalloc(bytes);
if (!subj->command)
goto finish;
memcpy(state->command, path, bytes);
state->command[bytes - 1] = 0;
memcpy(subj->command, path, bytes);
subj->command[bytes - 1] = 0;
} else
/* For remote clients, need to use a default context */
if (selabel_lookup(label_hnd, &ctx, NULL, SELABEL_X_CLIENT) < 0)
FatalError("Client %d: couldn't get default remote context\n",
client->index);
FatalError("SELinux: failed to look up remote-client context\n");
finish:
/* Get a SID from the context */
if (avc_context_to_sid(ctx, &state->sid) < 0)
FatalError("Client %d: context_to_sid(%s) failed\n",
if (avc_context_to_sid(ctx, &subj->sid) < 0)
FatalError("SELinux: client %d: context_to_sid(%s) failed\n",
client->index, ctx);
sidget(subj->sid);
obj->sid = subj->sid;
freecon(ctx);
}
@@ -378,23 +396,27 @@ SELinuxLabelInitial(void)
{
int i;
XaceScreenAccessRec srec;
SELinuxStateRec *state;
SELinuxSubjectRec *subj;
SELinuxObjectRec *obj;
security_context_t ctx;
pointer unused;
/* Do the serverClient */
state = dixLookupPrivate(&serverClient->devPrivates, stateKey);
state->privileged = 1;
sidput(state->sid);
subj = dixLookupPrivate(&serverClient->devPrivates, subjectKey);
obj = dixLookupPrivate(&serverClient->devPrivates, objectKey);
subj->privileged = 1;
sidput(subj->sid);
/* Use the context of the X server process for the serverClient */
if (getcon(&ctx) < 0)
FatalError("Couldn't get context of X server process\n");
FatalError("SELinux: couldn't get context of X server process\n");
/* Get a SID from the context */
if (avc_context_to_sid(ctx, &state->sid) < 0)
FatalError("serverClient: context_to_sid(%s) failed\n", ctx);
if (avc_context_to_sid(ctx, &subj->sid) < 0)
FatalError("SELinux: serverClient: context_to_sid(%s) failed\n", ctx);
sidget(subj->sid);
obj->sid = subj->sid;
freecon(ctx);
srec.client = serverClient;
@@ -441,11 +463,15 @@ SELinuxAudit(void *auditdata,
propertyName = audit->property ? NameForAtom(audit->property) : NULL;
selectionName = audit->selection ? NameForAtom(audit->selection) : NULL;
return snprintf(msgbuf, msgbufsize, "%s%s%s%s%s%s%s%s%s%s%s%s%s%s%s%s",
return snprintf(msgbuf, msgbufsize,
"%s%s%s%s%s%s%s%s%s%s%s%s%s%s%s%s%s%s%s",
(major >= 0) ? "request=" : "",
(major >= 0) ? LookupRequestName(major, minor) : "",
audit->command ? " comm=" : "",
audit->command ? audit->command : "",
audit->dev ? " xdevice=\"" : "",
audit->dev ? audit->dev->name : "",
audit->dev ? "\"" : "",
audit->id ? " resid=" : "",
audit->id ? idNum : "",
audit->restype ? " restype=" : "",
@@ -482,20 +508,27 @@ static void
SELinuxDevice(CallbackListPtr *pcbl, pointer unused, pointer calldata)
{
XaceDeviceAccessRec *rec = calldata;
SELinuxStateRec *subj, *obj;
SELinuxAuditRec auditdata = { .client = rec->client };
SELinuxSubjectRec *subj;
SELinuxObjectRec *obj;
SELinuxAuditRec auditdata = { .client = rec->client, .dev = rec->dev };
int rc;
subj = dixLookupPrivate(&rec->client->devPrivates, stateKey);
obj = dixLookupPrivate(&rec->dev->devPrivates, stateKey);
subj = dixLookupPrivate(&rec->client->devPrivates, subjectKey);
obj = dixLookupPrivate(&rec->dev->devPrivates, objectKey);
/* If this is a new object that needs labeling, do it now */
if (rec->access_mode & DixCreateAccess) {
SELinuxSubjectRec *dsubj;
dsubj = dixLookupPrivate(&rec->dev->devPrivates, subjectKey);
sidput(dsubj->sid);
sidput(obj->sid);
/* Label the device directly with the process SID */
sidget(subj->sid);
obj->sid = subj->sid;
sidget(subj->sid);
dsubj->sid = subj->sid;
}
rc = SELinuxDoCheck(subj, obj, SECCLASS_X_DEVICE, rec->access_mode,
@@ -508,17 +541,18 @@ static void
SELinuxSend(CallbackListPtr *pcbl, pointer unused, pointer calldata)
{
XaceSendAccessRec *rec = calldata;
SELinuxStateRec *subj, *obj, ev_sid;
SELinuxAuditRec auditdata = { .client = rec->client };
SELinuxSubjectRec *subj;
SELinuxObjectRec *obj, ev_sid;
SELinuxAuditRec auditdata = { .client = rec->client, .dev = rec->dev };
security_class_t class;
int rc, i, type;
if (rec->dev)
subj = dixLookupPrivate(&rec->dev->devPrivates, stateKey);
subj = dixLookupPrivate(&rec->dev->devPrivates, subjectKey);
else
subj = dixLookupPrivate(&rec->client->devPrivates, stateKey);
subj = dixLookupPrivate(&rec->client->devPrivates, subjectKey);
obj = dixLookupPrivate(&rec->pWin->devPrivates, stateKey);
obj = dixLookupPrivate(&rec->pWin->devPrivates, objectKey);
/* Check send permission on window */
rc = SELinuxDoCheck(subj, obj, SECCLASS_X_DRAWABLE, DixSendAccess,
@@ -549,13 +583,14 @@ static void
SELinuxReceive(CallbackListPtr *pcbl, pointer unused, pointer calldata)
{
XaceReceiveAccessRec *rec = calldata;
SELinuxStateRec *subj, *obj, ev_sid;
SELinuxSubjectRec *subj;
SELinuxObjectRec *obj, ev_sid;
SELinuxAuditRec auditdata = { .client = NULL };
security_class_t class;
int rc, i, type;
subj = dixLookupPrivate(&rec->client->devPrivates, stateKey);
obj = dixLookupPrivate(&rec->pWin->devPrivates, stateKey);
subj = dixLookupPrivate(&rec->client->devPrivates, subjectKey);
obj = dixLookupPrivate(&rec->pWin->devPrivates, objectKey);
/* Check receive permission on window */
rc = SELinuxDoCheck(subj, obj, SECCLASS_X_DRAWABLE, DixReceiveAccess,
@@ -586,12 +621,13 @@ static void
SELinuxExtension(CallbackListPtr *pcbl, pointer unused, pointer calldata)
{
XaceExtAccessRec *rec = calldata;
SELinuxStateRec *subj, *obj, *serv;
SELinuxSubjectRec *subj, *serv;
SELinuxObjectRec *obj;
SELinuxAuditRec auditdata = { .client = rec->client };
int rc;
subj = dixLookupPrivate(&rec->client->devPrivates, stateKey);
obj = dixLookupPrivate(&rec->ext->devPrivates, stateKey);
subj = dixLookupPrivate(&rec->client->devPrivates, subjectKey);
obj = dixLookupPrivate(&rec->ext->devPrivates, objectKey);
/* If this is a new object that needs labeling, do it now */
/* XXX there should be a separate callback for this */
@@ -600,9 +636,9 @@ SELinuxExtension(CallbackListPtr *pcbl, pointer unused, pointer calldata)
security_context_t con;
security_id_t sid;
serv = dixLookupPrivate(&serverClient->devPrivates, stateKey);
serv = dixLookupPrivate(&serverClient->devPrivates, subjectKey);
/* Look in the mappings of property names to contexts */
/* Look in the mappings of extension names to contexts */
if (selabel_lookup(label_hnd, &con, name, SELABEL_X_EXT) < 0) {
ErrorF("SELinux: a property label lookup failed!\n");
rec->status = BadValue;
@@ -640,12 +676,13 @@ static void
SELinuxProperty(CallbackListPtr *pcbl, pointer unused, pointer calldata)
{
XacePropertyAccessRec *rec = calldata;
SELinuxStateRec *subj, *obj;
SELinuxSubjectRec *subj;
SELinuxObjectRec *obj;
SELinuxAuditRec auditdata = { .client = rec->client };
int rc;
subj = dixLookupPrivate(&rec->client->devPrivates, stateKey);
obj = dixLookupPrivate(&rec->pProp->devPrivates, stateKey);
subj = dixLookupPrivate(&rec->client->devPrivates, subjectKey);
obj = dixLookupPrivate(&rec->pProp->devPrivates, objectKey);
/* If this is a new object that needs labeling, do it now */
if (rec->access_mode & DixCreateAccess) {
@@ -691,13 +728,15 @@ static void
SELinuxResource(CallbackListPtr *pcbl, pointer unused, pointer calldata)
{
XaceResourceAccessRec *rec = calldata;
SELinuxStateRec *subj, *obj, *pobj;
SELinuxSubjectRec *subj;
SELinuxObjectRec *obj, *sobj, *pobj;
SELinuxAuditRec auditdata = { .client = rec->client };
PrivateRec **privatePtr;
security_class_t class;
int rc, offset;
subj = dixLookupPrivate(&rec->client->devPrivates, stateKey);
subj = dixLookupPrivate(&rec->client->devPrivates, subjectKey);
sobj = dixLookupPrivate(&rec->client->devPrivates, objectKey);
/* Determine if the resource object has a devPrivates field */
offset = dixLookupPrivateOffset(rec->rtype);
@@ -705,12 +744,12 @@ SELinuxResource(CallbackListPtr *pcbl, pointer unused, pointer calldata)
/* No: use the SID of the owning client */
class = SECCLASS_X_RESOURCE;
privatePtr = &clients[CLIENT_ID(rec->id)]->devPrivates;
obj = dixLookupPrivate(privatePtr, stateKey);
obj = dixLookupPrivate(privatePtr, objectKey);
} else {
/* Yes: use the SID from the resource object itself */
class = SELinuxTypeToClass(rec->rtype);
privatePtr = DEVPRIV_AT(rec->res, offset);
obj = dixLookupPrivate(privatePtr, stateKey);
obj = dixLookupPrivate(privatePtr, objectKey);
}
/* If this is a new object that needs labeling, do it now */
@@ -719,10 +758,10 @@ SELinuxResource(CallbackListPtr *pcbl, pointer unused, pointer calldata)
offset = dixLookupPrivateOffset(rec->ptype);
if (rec->parent && offset >= 0)
/* Use the SID of the parent object in the labeling operation */
pobj = dixLookupPrivate(DEVPRIV_AT(rec->parent, offset), stateKey);
pobj = dixLookupPrivate(DEVPRIV_AT(rec->parent, offset), objectKey);
else
/* Use the SID of the subject */
pobj = subj;
pobj = sobj;
sidput(obj->sid);
@@ -746,13 +785,14 @@ static void
SELinuxScreen(CallbackListPtr *pcbl, pointer is_saver, pointer calldata)
{
XaceScreenAccessRec *rec = calldata;
SELinuxStateRec *subj, *obj;
SELinuxSubjectRec *subj;
SELinuxObjectRec *obj;
SELinuxAuditRec auditdata = { .client = rec->client };
Mask access_mode = rec->access_mode;
int rc;
subj = dixLookupPrivate(&rec->client->devPrivates, stateKey);
obj = dixLookupPrivate(&rec->screen->devPrivates, stateKey);
subj = dixLookupPrivate(&rec->client->devPrivates, subjectKey);
obj = dixLookupPrivate(&rec->screen->devPrivates, objectKey);
/* If this is a new object that needs labeling, do it now */
if (access_mode & DixCreateAccess) {
@@ -779,12 +819,13 @@ static void
SELinuxClient(CallbackListPtr *pcbl, pointer unused, pointer calldata)
{
XaceClientAccessRec *rec = calldata;
SELinuxStateRec *subj, *obj;
SELinuxSubjectRec *subj;
SELinuxObjectRec *obj;
SELinuxAuditRec auditdata = { .client = rec->client };
int rc;
subj = dixLookupPrivate(&rec->client->devPrivates, stateKey);
obj = dixLookupPrivate(&rec->target->devPrivates, stateKey);
subj = dixLookupPrivate(&rec->client->devPrivates, subjectKey);
obj = dixLookupPrivate(&rec->target->devPrivates, objectKey);
rc = SELinuxDoCheck(subj, obj, SECCLASS_X_CLIENT, rec->access_mode,
&auditdata);
@@ -796,12 +837,13 @@ static void
SELinuxServer(CallbackListPtr *pcbl, pointer unused, pointer calldata)
{
XaceServerAccessRec *rec = calldata;
SELinuxStateRec *subj, *obj;
SELinuxSubjectRec *subj;
SELinuxObjectRec *obj;
SELinuxAuditRec auditdata = { .client = rec->client };
int rc;
subj = dixLookupPrivate(&rec->client->devPrivates, stateKey);
obj = dixLookupPrivate(&serverClient->devPrivates, stateKey);
subj = dixLookupPrivate(&rec->client->devPrivates, subjectKey);
obj = dixLookupPrivate(&serverClient->devPrivates, objectKey);
rc = SELinuxDoCheck(subj, obj, SECCLASS_X_SERVER, rec->access_mode,
&auditdata);
@@ -813,11 +855,12 @@ static void
SELinuxSelection(CallbackListPtr *pcbl, pointer unused, pointer calldata)
{
XaceSelectionAccessRec *rec = (XaceSelectionAccessRec *)calldata;
SELinuxStateRec *subj, sel_sid;
SELinuxSubjectRec *subj;
SELinuxObjectRec sel_sid;
SELinuxAuditRec auditdata = { .client = rec->client };
int rc;
subj = dixLookupPrivate(&rec->client->devPrivates, stateKey);
subj = dixLookupPrivate(&rec->client->devPrivates, subjectKey);
rc = SELinuxSelectionToSID(rec->name, &sel_sid);
if (rc != Success) {
@@ -864,18 +907,19 @@ static void
SELinuxResourceState(CallbackListPtr *pcbl, pointer unused, pointer calldata)
{
ResourceStateInfoRec *rec = calldata;
SELinuxStateRec *state;
SELinuxSubjectRec *subj;
SELinuxObjectRec *obj;
WindowPtr pWin;
if (rec->type != RT_WINDOW)
return;
pWin = (WindowPtr)rec->value;
state = dixLookupPrivate(&wClient(pWin)->devPrivates, stateKey);
subj = dixLookupPrivate(&wClient(pWin)->devPrivates, subjectKey);
if (state->sid) {
if (subj->sid) {
security_context_t ctx;
int rc = avc_sid_to_context(state->sid, &ctx);
int rc = avc_sid_to_context(subj->sid, &ctx);
if (rc < 0)
FatalError("SELinux: Failed to get security context!\n");
rc = dixChangeWindowProperty(serverClient,
@@ -887,11 +931,11 @@ SELinuxResourceState(CallbackListPtr *pcbl, pointer unused, pointer calldata)
} else
FatalError("SELinux: Unexpected unlabeled client found\n");
state = dixLookupPrivate(&pWin->devPrivates, stateKey);
obj = dixLookupPrivate(&pWin->devPrivates, objectKey);
if (state->sid) {
if (obj->sid) {
security_context_t ctx;
int rc = avc_sid_to_context(state->sid, &ctx);
int rc = avc_sid_to_context(obj->sid, &ctx);
if (rc < 0)
FatalError("SELinux: Failed to get security context!\n");
rc = dixChangeWindowProperty(serverClient,
@@ -908,41 +952,11 @@ static void
SELinuxSelectionState(CallbackListPtr *pcbl, pointer unused, pointer calldata)
{
SelectionInfoRec *rec = calldata;
SELinuxStateRec *subj, *obj;
switch (rec->kind) {
case SelectionSetOwner:
/* save off the "real" owner of the selection */
rec->selection->alt_client = rec->selection->client;
rec->selection->alt_window = rec->selection->window;
/* figure out the new label for the content */
subj = dixLookupPrivate(&rec->client->devPrivates, stateKey);
obj = dixLookupPrivate(&rec->selection->devPrivates, stateKey);
sidput(obj->sid);
if (avc_compute_create(subj->sid, subj->sid, SECCLASS_X_SELECTION,
&obj->sid) < 0) {
ErrorF("SELinux: a compute_create call failed!\n");
obj->sid = unlabeled_sid;
}
break;
case SelectionGetOwner:
/* restore the real owner */
rec->selection->window = rec->selection->alt_window;
break;
case SelectionConvertSelection:
/* redirect the convert request if necessary */
if (securityManager && securityManager != rec->client) {
rec->selection->client = securityManager;
rec->selection->window = securityWindow;
} else {
rec->selection->client = rec->selection->alt_client;
rec->selection->window = rec->selection->alt_window;
}
break;
default:
break;
}
@@ -954,27 +968,47 @@ SELinuxSelectionState(CallbackListPtr *pcbl, pointer unused, pointer calldata)
*/
static void
SELinuxStateInit(CallbackListPtr *pcbl, pointer unused, pointer calldata)
SELinuxSubjectInit(CallbackListPtr *pcbl, pointer unused, pointer calldata)
{
PrivateCallbackRec *rec = calldata;
SELinuxStateRec *state = *rec->value;
SELinuxSubjectRec *subj = *rec->value;
sidget(unlabeled_sid);
state->sid = unlabeled_sid;
subj->sid = unlabeled_sid;
avc_entry_ref_init(&state->aeref);
avc_entry_ref_init(&subj->aeref);
}
static void
SELinuxStateFree(CallbackListPtr *pcbl, pointer unused, pointer calldata)
SELinuxSubjectFree(CallbackListPtr *pcbl, pointer unused, pointer calldata)
{
PrivateCallbackRec *rec = calldata;
SELinuxStateRec *state = *rec->value;
SELinuxSubjectRec *subj = *rec->value;
xfree(state->command);
xfree(subj->command);
if (avc_active)
sidput(state->sid);
sidput(subj->sid);
}
static void
SELinuxObjectInit(CallbackListPtr *pcbl, pointer unused, pointer calldata)
{
PrivateCallbackRec *rec = calldata;
SELinuxObjectRec *obj = *rec->value;
sidget(unlabeled_sid);
obj->sid = unlabeled_sid;
}
static void
SELinuxObjectFree(CallbackListPtr *pcbl, pointer unused, pointer calldata)
{
PrivateCallbackRec *rec = calldata;
SELinuxObjectRec *obj = *rec->value;
if (avc_active)
sidput(obj->sid);
}
@@ -1065,7 +1099,8 @@ ProcSELinuxSetDeviceContext(ClientPtr client)
char *ctx;
security_id_t sid;
DeviceIntPtr dev;
SELinuxStateRec *state;
SELinuxSubjectRec *subj;
SELinuxObjectRec *obj;
int rc;
REQUEST(SELinuxSetContextReq);
@@ -1083,9 +1118,13 @@ ProcSELinuxSetDeviceContext(ClientPtr client)
if (rc != Success)
return BadValue;
state = dixLookupPrivate(&dev->devPrivates, stateKey);
sidput(state->sid);
state->sid = sid;
subj = dixLookupPrivate(&dev->devPrivates, subjectKey);
sidput(subj->sid);
subj->sid = sid;
obj = dixLookupPrivate(&dev->devPrivates, objectKey);
sidput(obj->sid);
obj->sid = sid;
return Success;
}
@@ -1094,7 +1133,7 @@ ProcSELinuxGetDeviceContext(ClientPtr client)
{
char *ctx;
DeviceIntPtr dev;
SELinuxStateRec *state;
SELinuxSubjectRec *subj;
SELinuxGetContextReply rep;
int rc;
@@ -1105,8 +1144,8 @@ ProcSELinuxGetDeviceContext(ClientPtr client)
if (rc != Success)
return rc;
state = dixLookupPrivate(&dev->devPrivates, stateKey);
rc = avc_sid_to_context(state->sid, &ctx);
subj = dixLookupPrivate(&dev->devPrivates, subjectKey);
rc = avc_sid_to_context(subj->sid, &ctx);
if (rc != Success)
return BadValue;
@@ -1146,7 +1185,7 @@ ProcSELinuxGetPropertyContext(ClientPtr client)
char *ctx;
WindowPtr pWin;
PropertyPtr pProp;
SELinuxStateRec *state;
SELinuxObjectRec *obj;
SELinuxGetContextReply rep;
int rc;
@@ -1166,12 +1205,12 @@ ProcSELinuxGetPropertyContext(ClientPtr client)
if (!pProp)
return BadValue;
rc = XaceHook(XACE_PROPERTY_ACCESS, client, pWin, pProp, DixGetAttrAccess);
rc = XaceHookPropertyAccess(client, pWin, pProp, DixGetAttrAccess);
if (rc != Success)
return rc;
state = dixLookupPrivate(&pProp->devPrivates, stateKey);
rc = avc_sid_to_context(state->sid, &ctx);
obj = dixLookupPrivate(&pProp->devPrivates, objectKey);
rc = avc_sid_to_context(obj->sid, &ctx);
if (rc != Success)
return BadValue;
@@ -1210,7 +1249,7 @@ ProcSELinuxGetWindowContext(ClientPtr client)
{
char *ctx;
WindowPtr pWin;
SELinuxStateRec *state;
SELinuxObjectRec *obj;
SELinuxGetContextReply rep;
int rc;
@@ -1221,8 +1260,8 @@ ProcSELinuxGetWindowContext(ClientPtr client)
if (rc != Success)
return rc;
state = dixLookupPrivate(&pWin->devPrivates, stateKey);
rc = avc_sid_to_context(state->sid, &ctx);
obj = dixLookupPrivate(&pWin->devPrivates, objectKey);
rc = avc_sid_to_context(obj->sid, &ctx);
if (rc != Success)
return BadValue;
@@ -1244,6 +1283,24 @@ ProcSELinuxGetWindowContext(ClientPtr client)
return client->noClientException;
}
static int
ProcSELinuxSetSelectionCreateContext(ClientPtr client)
{
return Success;
}
static int
ProcSELinuxGetSelectionCreateContext(ClientPtr client)
{
return Success;
}
static int
ProcSELinuxGetSelectionContext(ClientPtr client)
{
return Success;
}
static int
ProcSELinuxDispatch(ClientPtr client)
{
@@ -1275,6 +1332,12 @@ ProcSELinuxDispatch(ClientPtr client)
return ProcSELinuxGetWindowCreateContext(client);
case X_SELinuxGetWindowContext:
return ProcSELinuxGetWindowContext(client);
case X_SELinuxSetSelectionCreateContext:
return ProcSELinuxSetSelectionCreateContext(client);
case X_SELinuxGetSelectionCreateContext:
return ProcSELinuxGetSelectionCreateContext(client);
case X_SELinuxGetSelectionContext:
return ProcSELinuxGetSelectionContext(client);
default:
return BadRequest;
}
@@ -1382,6 +1445,28 @@ SProcSELinuxGetWindowContext(ClientPtr client)
return ProcSELinuxGetWindowContext(client);
}
static int
SProcSELinuxSetSelectionCreateContext(ClientPtr client)
{
REQUEST(SELinuxSetCreateContextReq);
int n;
REQUEST_AT_LEAST_SIZE(SELinuxSetCreateContextReq);
swaps(&stuff->context_len, n);
return ProcSELinuxSetSelectionCreateContext(client);
}
static int
SProcSELinuxGetSelectionContext(ClientPtr client)
{
REQUEST(SELinuxGetContextReq);
int n;
REQUEST_SIZE_MATCH(SELinuxGetContextReq);
swapl(&stuff->id, n);
return ProcSELinuxGetSelectionContext(client);
}
static int
SProcSELinuxDispatch(ClientPtr client)
{
@@ -1417,6 +1502,12 @@ SProcSELinuxDispatch(ClientPtr client)
return ProcSELinuxGetWindowCreateContext(client);
case X_SELinuxGetWindowContext:
return SProcSELinuxGetWindowContext(client);
case X_SELinuxSetSelectionCreateContext:
return SProcSELinuxSetSelectionCreateContext(client);
case X_SELinuxGetSelectionCreateContext:
return ProcSELinuxGetSelectionCreateContext(client);
case X_SELinuxGetSelectionContext:
return SProcSELinuxGetSelectionContext(client);
default:
return BadRequest;
}
@@ -1516,7 +1607,8 @@ SELinuxExtensionInit(INITARGS)
FatalError("SELinux: Failed to open the system audit log\n");
/* Allocate private storage */
if (!dixRequestPrivate(stateKey, sizeof(SELinuxStateRec)))
if (!dixRequestPrivate(subjectKey, sizeof(SELinuxSubjectRec)) ||
!dixRequestPrivate(objectKey, sizeof(SELinuxObjectRec)))
FatalError("SELinux: Failed to allocate private storage.\n");
/* Create atoms for doing window labeling */
@@ -1528,8 +1620,10 @@ SELinuxExtensionInit(INITARGS)
FatalError("SELinux: Failed to create atom\n");
/* Register callbacks */
ret &= dixRegisterPrivateInitFunc(stateKey, SELinuxStateInit, NULL);
ret &= dixRegisterPrivateDeleteFunc(stateKey, SELinuxStateFree, NULL);
ret &= dixRegisterPrivateInitFunc(subjectKey, SELinuxSubjectInit, NULL);
ret &= dixRegisterPrivateDeleteFunc(subjectKey, SELinuxSubjectFree, NULL);
ret &= dixRegisterPrivateInitFunc(objectKey, SELinuxObjectInit, NULL);
ret &= dixRegisterPrivateDeleteFunc(objectKey, SELinuxObjectFree, NULL);
ret &= AddCallback(&ClientStateCallback, SELinuxClientState, NULL);
ret &= AddCallback(&ResourceStateCallback, SELinuxResourceState, NULL);

3
Xext/xselinux.h
View File

@@ -43,6 +43,9 @@ CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE SOFTWARE.
#define X_SELinuxSetWindowCreateContext 10
#define X_SELinuxGetWindowCreateContext 11
#define X_SELinuxGetWindowContext 12
#define X_SELinuxSetSelectionCreateContext 13
#define X_SELinuxGetSelectionCreateContext 14
#define X_SELinuxGetSelectionContext 15
typedef struct {
CARD8 reqType;