From 473b8a0e38e4141008c34d630dcd6135eb6a37eb Mon Sep 17 00:00:00 2001
From: "Enrico Weigelt, metux IT consult" <info@metux.net>
Date: Fri, 21 Mar 2025 17:19:34 +0100
Subject: [PATCH] dix: helper for checking whether window ID belongs to a root
 window

This helper checks whether a given XID belongs to some screen's
root window. It does so by looking up the window and comparing that
with the window's screen's root window pointer. The resource lookup
is intentionally being on behalf of the serverClient, so the fired
XACE hook doesn't treat it as an actual client's request.

It's explicitly designed for being used by callback handlers.

Signed-off-by: Enrico Weigelt, metux IT consult <info@metux.net>
---
 dix/window.c      | 19 +++++++++++++++++++
 dix/window_priv.h | 12 ++++++++++++
 2 files changed, 31 insertions(+)

diff --git a/dix/window.c b/dix/window.c
index f0882d21e..f4d39fd75 100644
--- a/dix/window.c
+++ b/dix/window.c
@@ -3715,3 +3715,22 @@ WindowGetVisual(WindowPtr pWin)
             return &pScreen->visuals[i];
     return 0;
 }
+
+/*
+ * @brief check whether a window (ID) is a screen root window
+ *
+ * The underlying resource query is explicitly done on behalf of serverClient,
+ * so XACE resource hooks don't recognize this as a client action.
+ * It's explicitly designed for use in hooks that don't wanna cause unncessary
+ * traffic in other XACE resource hooks: things done by the serverClient usually
+ * considered safe enough for not needing any additional security checks.
+ * (we don't have any way for completely skipping the XACE hook yet)
+ */
+Bool dixWindowIsRoot(Window window)
+{
+    WindowPtr pWin;
+    int rc = dixLookupWindow(&pWin, window, serverClient, DixGetAttrAccess);
+    if (rc != Success)
+        return FALSE;
+    return (pWin == pWin->drawable.pScreen->root);
+}
diff --git a/dix/window_priv.h b/dix/window_priv.h
index cf28b1f70..af6ab917c 100644
--- a/dix/window_priv.h
+++ b/dix/window_priv.h
@@ -41,4 +41,16 @@ WindowPtr dixCreateWindow(Window wid,
  */
 Bool MakeWindowOptional(WindowPtr pWin);
 
+/*
+ * @brief check whether a window (ID) is a screen root window
+ *
+ * The underlying resource query is explicitly done on behalf of serverClient,
+ * so XACE resource hooks don't recognize this as a client action.
+ * It's explicitly designed for use in hooks that don't wanna cause unncessary
+ * traffic in other XACE resource hooks: things done by the serverClient usually
+ * considered safe enough for not needing any additional security checks.
+ * (we don't have any way for completely skipping the XACE hook yet)
+ */
+Bool dixWindowIsRoot(Window window);
+
 #endif /* _XSERVER_DIX_WINDOW_PRIV_H */