frederik
/
xserver
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

xace: add new fields to resource access hook to allow parent resource objects 

to be passed in at create time.  Also added a missing devPrivates initializer.
This commit is contained in:
Eamon Walsh 2007-09-05 11:18:36 -04:00 committed by Eamon Walsh
parent ce9e83d913
commit 0003ccfcdf
13 changed files with 33 additions and 28 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

4
Xext/xace.c
View File

@ -72,8 +72,10 @@ int XaceHook(int hook, ...)
va_arg(ap, ClientPtr), va_arg(ap, ClientPtr),
va_arg(ap, XID), va_arg(ap, XID),
va_arg(ap, RESTYPE), va_arg(ap, RESTYPE),
va_arg(ap, Mask),
va_arg(ap, pointer), va_arg(ap, pointer),
va_arg(ap, RESTYPE),
va_arg(ap, pointer),
va_arg(ap, Mask),
Success /* default allow */ Success /* default allow */
}; };
calldata = &rec; calldata = &rec;

4
Xext/xacestr.h
View File

@ -41,8 +41,10 @@ typedef struct {
ClientPtr client; ClientPtr client;
XID id; XID id;
RESTYPE rtype; RESTYPE rtype;
Mask access_mode;
pointer res; pointer res;
RESTYPE ptype;
pointer parent;
Mask access_mode;
int status; int status;
} XaceResourceAccessRec; } XaceResourceAccessRec;

2
composite/compext.c
View File

@ -459,7 +459,7 @@ ProcCompositeGetOverlayWindow (ClientPtr client)
} }
rc = XaceHook(XACE_RESOURCE_ACCESS, client, cs->pOverlayWin->drawable.id, rc = XaceHook(XACE_RESOURCE_ACCESS, client, cs->pOverlayWin->drawable.id,
RT_WINDOW, DixGetAttrAccess, cs->pOverlayWin); RT_WINDOW, cs->pOverlayWin, RT_NONE, NULL, DixGetAttrAccess);
if (rc != Success) if (rc != Success)
return rc; return rc;

2
dix/colormap.c
View File

@ -397,7 +397,7 @@ CreateColormap (Colormap mid, ScreenPtr pScreen, VisualPtr pVisual,
* Security creation/labeling check * Security creation/labeling check
*/ */
i = XaceHook(XACE_RESOURCE_ACCESS, clients[client], mid, RT_COLORMAP, i = XaceHook(XACE_RESOURCE_ACCESS, clients[client], mid, RT_COLORMAP,
DixCreateAccess, pmap); pmap, RT_NONE, NULL, DixCreateAccess);
if (i != Success) { if (i != Success) {
FreeResource(mid, RT_NONE); FreeResource(mid, RT_NONE);
return i; return i;

7
dix/cursor.c
View File

@ -212,12 +212,12 @@ AllocARGBCursor(unsigned char *psrcbits, unsigned char *pmaskbits,
pCurs->backGreen = backGreen; pCurs->backGreen = backGreen;
pCurs->backBlue = backBlue; pCurs->backBlue = backBlue;
pCurs->devPrivates = NULL;
pCurs->id = cid; pCurs->id = cid;
pCurs->devPrivates = NULL;
/* security creation/labeling check */ /* security creation/labeling check */
rc = XaceHook(XACE_RESOURCE_ACCESS, client, cid, RT_CURSOR, rc = XaceHook(XACE_RESOURCE_ACCESS, client, cid, RT_CURSOR,
DixCreateAccess, pCurs); pCurs, RT_NONE, NULL, DixCreateAccess);
if (rc != Success) { if (rc != Success) {
dixFreePrivates(pCurs->devPrivates); dixFreePrivates(pCurs->devPrivates);
FreeCursorBits(bits); FreeCursorBits(bits);
@ -365,6 +365,7 @@ AllocGlyphCursor(Font source, unsigned sourceChar, Font mask, unsigned maskChar,
bits->height = cm.height; bits->height = cm.height;
bits->xhot = cm.xhot; bits->xhot = cm.xhot;
bits->yhot = cm.yhot; bits->yhot = cm.yhot;
bits->devPrivates = NULL;
if (sourcefont != maskfont) if (sourcefont != maskfont)
bits->refcnt = -1; bits->refcnt = -1;
else else
@ -406,7 +407,7 @@ AllocGlyphCursor(Font source, unsigned sourceChar, Font mask, unsigned maskChar,
/* security creation/labeling check */ /* security creation/labeling check */
rc = XaceHook(XACE_RESOURCE_ACCESS, client, cid, RT_CURSOR, rc = XaceHook(XACE_RESOURCE_ACCESS, client, cid, RT_CURSOR,
DixCreateAccess, pCurs); pCurs, RT_NONE, NULL, DixCreateAccess);
if (rc != Success) { if (rc != Success) {
dixFreePrivates(pCurs->devPrivates); dixFreePrivates(pCurs->devPrivates);
FreeCursorBits(bits); FreeCursorBits(bits);

2
dix/dispatch.c
View File

@ -1558,7 +1558,7 @@ CreatePmap:
pMap->drawable.id = stuff->pid; pMap->drawable.id = stuff->pid;
/* security creation/labeling check */ /* security creation/labeling check */
rc = XaceHook(XACE_RESOURCE_ACCESS, client, stuff->pid, RT_PIXMAP, rc = XaceHook(XACE_RESOURCE_ACCESS, client, stuff->pid, RT_PIXMAP,
DixCreateAccess, pMap); pMap, RT_NONE, NULL, DixCreateAccess);
if (rc != Success) { if (rc != Success) {
(*pDraw->pScreen->DestroyPixmap)(pMap); (*pDraw->pScreen->DestroyPixmap)(pMap);
return rc; return rc;

4
dix/gc.c
View File

@ -638,8 +638,8 @@ CreateGC(DrawablePtr pDrawable, BITS32 mask, XID *pval, int *pStatus,
pGC->stipple->refcnt++; pGC->stipple->refcnt++;
/* security creation/labeling check */ /* security creation/labeling check */
*pStatus = XaceHook(XACE_RESOURCE_ACCESS, client, gcid, RT_GC, *pStatus = XaceHook(XACE_RESOURCE_ACCESS, client, gcid, RT_GC, pGC,
DixCreateAccess|DixSetAttrAccess, pGC); RT_NONE, NULL, DixCreateAccess|DixSetAttrAccess);
if (*pStatus != Success) if (*pStatus != Success)
goto out; goto out;

2
dix/resource.c
View File

@ -901,7 +901,7 @@ dixLookupResource(pointer *result, XID id, RESTYPE rtype,
if (client) { if (client) {
client->errorValue = id; client->errorValue = id;
cid = XaceHook(XACE_RESOURCE_ACCESS, client, id, res->type, cid = XaceHook(XACE_RESOURCE_ACCESS, client, id, res->type,
mode, res->value); res->value, RT_NONE, NULL, mode);
if (cid != Success) if (cid != Success)
return cid; return cid;
} }

10
dix/window.c
View File

@ -698,8 +698,8 @@ CreateWindow(Window wid, WindowPtr pParent, int x, int y, unsigned w,
/* security creation/labeling check /* security creation/labeling check
*/ */
*error = XaceHook(XACE_RESOURCE_ACCESS, client, wid, RT_WINDOW, *error = XaceHook(XACE_RESOURCE_ACCESS, client, wid, RT_WINDOW, pWin,
DixCreateAccess|DixSetAttrAccess, pWin); RT_WINDOW, pWin->parent, DixCreateAccess|DixSetAttrAccess);
if (*error != Success) { if (*error != Success) {
xfree(pWin); xfree(pWin);
return NullWindow; return NullWindow;
@ -955,7 +955,7 @@ DestroySubwindows(WindowPtr pWin, ClientPtr client)
while (pWin->lastChild) { while (pWin->lastChild) {
int rc = XaceHook(XACE_RESOURCE_ACCESS, client, int rc = XaceHook(XACE_RESOURCE_ACCESS, client,
pWin->lastChild->drawable.id, RT_WINDOW, pWin->lastChild->drawable.id, RT_WINDOW,
DixDestroyAccess, pWin->lastChild); pWin->lastChild, RT_NONE, NULL, DixDestroyAccess);
if (rc != Success) if (rc != Success)
return rc; return rc;
FreeResource(pWin->lastChild->drawable.id, RT_NONE); FreeResource(pWin->lastChild->drawable.id, RT_NONE);
@ -1275,7 +1275,7 @@ ChangeWindowAttributes(WindowPtr pWin, Mask vmask, XID *vlist, ClientPtr client)
} }
if (val == xTrue) { if (val == xTrue) {
rc = XaceHook(XACE_RESOURCE_ACCESS, client, pWin->drawable.id, rc = XaceHook(XACE_RESOURCE_ACCESS, client, pWin->drawable.id,
RT_WINDOW, DixGrabAccess, pWin); RT_WINDOW, pWin, RT_NONE, NULL, DixGrabAccess);
if (rc != Success) { if (rc != Success) {
error = rc; error = rc;
client->errorValue = pWin->drawable.id; client->errorValue = pWin->drawable.id;
@ -2745,7 +2745,7 @@ MapWindow(WindowPtr pWin, ClientPtr client)
/* general check for permission to map window */ /* general check for permission to map window */
if (XaceHook(XACE_RESOURCE_ACCESS, client, pWin->drawable.id, RT_WINDOW, if (XaceHook(XACE_RESOURCE_ACCESS, client, pWin->drawable.id, RT_WINDOW,
DixShowAccess, pWin) != Success) pWin, RT_NONE, NULL, DixShowAccess) != Success)
return Success; return Success;
pScreen = pWin->drawable.pScreen; pScreen = pWin->drawable.pScreen;

6
render/animcur.c
View File

@ -377,12 +377,12 @@ AnimCursorCreate (CursorPtr *cursors, CARD32 *deltas, int ncursor, CursorPtr *pp
pCursor->backGreen = cursors[0]->backGreen; pCursor->backGreen = cursors[0]->backGreen;
pCursor->backBlue = cursors[0]->backBlue; pCursor->backBlue = cursors[0]->backBlue;
pCursor->devPrivates = NULL;
pCursor->id = cid; pCursor->id = cid;
pCursor->devPrivates = NULL;
/* security creation/labeling check */ /* security creation/labeling check */
rc = XaceHook(XACE_RESOURCE_ACCESS, client, cid, RT_CURSOR, rc = XaceHook(XACE_RESOURCE_ACCESS, client, cid, RT_CURSOR, pCursor,
DixCreateAccess, pCursor); RT_NONE, NULL, DixCreateAccess);
if (rc != Success) { if (rc != Success) {
dixFreePrivates(pCursor->devPrivates); dixFreePrivates(pCursor->devPrivates);
xfree(pCursor); xfree(pCursor);

4
render/picture.c
View File

@ -727,8 +727,8 @@ CreatePicture (Picture pid,
pPicture->devPrivates = NULL; pPicture->devPrivates = NULL;
/* security creation/labeling check */ /* security creation/labeling check */
*error = XaceHook(XACE_RESOURCE_ACCESS, client, pid, PictureType, *error = XaceHook(XACE_RESOURCE_ACCESS, client, pid, PictureType, pPicture,
DixCreateAccess|DixSetAttrAccess, pPicture); RC_DRAWABLE, pDrawable, DixCreateAccess|DixSetAttrAccess);
if (*error != Success) if (*error != Success)
goto out; goto out;

10
render/render.c
View File

@ -1025,7 +1025,7 @@ ProcRenderCreateGlyphSet (ClientPtr client)
return BadAlloc; return BadAlloc;
/* security creation/labeling check */ /* security creation/labeling check */
rc = XaceHook(XACE_RESOURCE_ACCESS, client, stuff->gsid, GlyphSetType, rc = XaceHook(XACE_RESOURCE_ACCESS, client, stuff->gsid, GlyphSetType,
DixCreateAccess, glyphSet); glyphSet, RT_NONE, NULL, DixCreateAccess);
if (rc != Success) if (rc != Success)
return rc; return rc;
if (!AddResource (stuff->gsid, GlyphSetType, (pointer)glyphSet)) if (!AddResource (stuff->gsid, GlyphSetType, (pointer)glyphSet))
@ -1903,7 +1903,7 @@ static int ProcRenderCreateSolidFill(ClientPtr client)
return error; return error;
/* security creation/labeling check */ /* security creation/labeling check */
error = XaceHook(XACE_RESOURCE_ACCESS, client, stuff->pid, PictureType, error = XaceHook(XACE_RESOURCE_ACCESS, client, stuff->pid, PictureType,
DixCreateAccess, pPicture); pPicture, RT_NONE, NULL, DixCreateAccess);
if (error != Success) if (error != Success)
return error; return error;
if (!AddResource (stuff->pid, PictureType, (pointer)pPicture)) if (!AddResource (stuff->pid, PictureType, (pointer)pPicture))
@ -1937,7 +1937,7 @@ static int ProcRenderCreateLinearGradient (ClientPtr client)
return error; return error;
/* security creation/labeling check */ /* security creation/labeling check */
error = XaceHook(XACE_RESOURCE_ACCESS, client, stuff->pid, PictureType, error = XaceHook(XACE_RESOURCE_ACCESS, client, stuff->pid, PictureType,
DixCreateAccess, pPicture); pPicture, RT_NONE, NULL, DixCreateAccess);
if (error != Success) if (error != Success)
return error; return error;
if (!AddResource (stuff->pid, PictureType, (pointer)pPicture)) if (!AddResource (stuff->pid, PictureType, (pointer)pPicture))
@ -1972,7 +1972,7 @@ static int ProcRenderCreateRadialGradient (ClientPtr client)
return error; return error;
/* security creation/labeling check */ /* security creation/labeling check */
error = XaceHook(XACE_RESOURCE_ACCESS, client, stuff->pid, PictureType, error = XaceHook(XACE_RESOURCE_ACCESS, client, stuff->pid, PictureType,
DixCreateAccess, pPicture); pPicture, RT_NONE, NULL, DixCreateAccess);
if (error != Success) if (error != Success)
return error; return error;
if (!AddResource (stuff->pid, PictureType, (pointer)pPicture)) if (!AddResource (stuff->pid, PictureType, (pointer)pPicture))
@ -2006,7 +2006,7 @@ static int ProcRenderCreateConicalGradient (ClientPtr client)
return error; return error;
/* security creation/labeling check */ /* security creation/labeling check */
error = XaceHook(XACE_RESOURCE_ACCESS, client, stuff->pid, PictureType, error = XaceHook(XACE_RESOURCE_ACCESS, client, stuff->pid, PictureType,
DixCreateAccess, pPicture); pPicture, RT_NONE, NULL, DixCreateAccess);
if (error != Success) if (error != Success)
return error; return error;
if (!AddResource (stuff->pid, PictureType, (pointer)pPicture)) if (!AddResource (stuff->pid, PictureType, (pointer)pPicture))

4
xfixes/cursor.c
View File

@ -351,7 +351,7 @@ ProcXFixesGetCursorImage (ClientPtr client)
if (!pCursor) if (!pCursor)
return BadCursor; return BadCursor;
rc = XaceHook(XACE_RESOURCE_ACCESS, client, pCursor->id, RT_CURSOR, rc = XaceHook(XACE_RESOURCE_ACCESS, client, pCursor->id, RT_CURSOR,
DixReadAccess, pCursor); pCursor, RT_NONE, NULL, DixReadAccess);
if (rc != Success) if (rc != Success)
return rc; return rc;
GetSpritePosition (&x, &y); GetSpritePosition (&x, &y);
@ -503,7 +503,7 @@ ProcXFixesGetCursorImageAndName (ClientPtr client)
if (!pCursor) if (!pCursor)
return BadCursor; return BadCursor;
rc = XaceHook(XACE_RESOURCE_ACCESS, client, pCursor->id, RT_CURSOR, rc = XaceHook(XACE_RESOURCE_ACCESS, client, pCursor->id, RT_CURSOR,
DixReadAccess|DixGetAttrAccess, pCursor); pCursor, RT_NONE, NULL, DixReadAccess|DixGetAttrAccess);
if (rc != Success) if (rc != Success)
return rc; return rc;
GetSpritePosition (&x, &y); GetSpritePosition (&x, &y);