frederik
/
xserver
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

Xnamespace: added config and namespace auth levels 

I've only checked if it compiles, this is probably breaking behavior

Signed-off-by: SuperDuperDeou <87223140+SuperDuperDeou@users.noreply.github.com>
This commit is contained in:
SuperDuperDeou 2025-07-02 02:38:14 +02:00
parent 01ba7a7f40
commit 5015fc5e12
No known key found for this signature in database
GPG Key ID: 45C5B992E4E87A44
6 changed files with 73 additions and 22 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

65
Xext/namespace/config.c
View File

@ -8,11 +8,11 @@
#include "namespace.h" #include "namespace.h"
struct Xnamespace ns_root = { struct Xnamespace ns_root = {
.allowMouseMotion = TRUE, .allowMouseMotion = ALLOW,
.allowShape = TRUE, .allowShape = ALLOW,
.allowTransparency = TRUE, .allowTransparency = ALLOW,
.allowXInput = TRUE, .allowXInput = ALLOW,
.allowXKeyboard = TRUE, .allowXKeyboard = ALLOW,
.builtin = TRUE, .builtin = TRUE,
.name = NS_NAME_ROOT, .name = NS_NAME_ROOT,
.refcnt = 1, .refcnt = 1,
@ -21,6 +21,11 @@ struct Xnamespace ns_root = {
struct Xnamespace ns_anon = { struct Xnamespace ns_anon = {
.builtin = TRUE, .builtin = TRUE,
.allowMouseMotion = ASK,
.allowShape = ASK,
.allowTransparency = ASK,
.allowXInput = ASK,
.allowXKeyboard = ASK,
.name = NS_NAME_ANONYMOUS, .name = NS_NAME_ANONYMOUS,
.refcnt = 1, .refcnt = 1,
}; };
@ -134,15 +139,55 @@ static void parseLine(char *line, struct Xnamespace **walk_ns)
while ((token = strtok(NULL, " ")) != NULL) while ((token = strtok(NULL, " ")) != NULL)
{ {
if (strcmp(token, "mouse-motion") == 0) if (strcmp(token, "mouse-motion") == 0)
curr->allowMouseMotion = TRUE; curr->allowMouseMotion = ALLOW;
else if (strcmp(token, "shape") == 0) else if (strcmp(token, "shape") == 0)
curr->allowShape = TRUE; curr->allowShape = ALLOW;
else if (strcmp(token, "transparency") == 0) else if (strcmp(token, "transparency") == 0)
curr->allowTransparency = TRUE; curr->allowTransparency = ALLOW;
else if (strcmp(token, "xinput") == 0) else if (strcmp(token, "xinput") == 0)
curr->allowXInput = TRUE; curr->allowXInput = ALLOW;
else if (strcmp(token, "xkeyboard") == 0) else if (strcmp(token, "xkeyboard") == 0)
curr->allowXKeyboard = TRUE; curr->allowXKeyboard = ALLOW;
else
XNS_LOG("unknown allow: %s\n", token);
}
return;
}
if (strcmp(token, "ask") == 0)
{
while ((token = strtok(NULL, " ")) != NULL)
{
if (strcmp(token, "mouse-motion") == 0)
curr->allowMouseMotion = ASK;
else if (strcmp(token, "shape") == 0)
curr->allowShape = ASK;
else if (strcmp(token, "transparency") == 0)
curr->allowTransparency = ASK;
else if (strcmp(token, "xinput") == 0)
curr->allowXInput = ASK;
else if (strcmp(token, "xkeyboard") == 0)
curr->allowXKeyboard = ASK;
else
XNS_LOG("unknown allow: %s\n", token);
}
return;
}
if (strcmp(token, "deny") == 0)
{
while ((token = strtok(NULL, " ")) != NULL)
{
if (strcmp(token, "mouse-motion") == 0)
curr->allowMouseMotion = DENY;
else if (strcmp(token, "shape") == 0)
curr->allowShape = DENY;
else if (strcmp(token, "transparency") == 0)
curr->allowTransparency = DENY;
else if (strcmp(token, "xinput") == 0)
curr->allowXInput = DENY;
else if (strcmp(token, "xkeyboard") == 0)
curr->allowXKeyboard = DENY;
else else
XNS_LOG("unknown allow: %s\n", token); XNS_LOG("unknown allow: %s\n", token);
} }

4
Xext/namespace/hook-ext-access.c
View File

@ -43,13 +43,13 @@ void hookExtAccess(CallbackListPtr *pcbl, void *unused, void *calldata)
/* only allowed if namespace has flag set */ /* only allowed if namespace has flag set */
case EXTENSION_MAJOR_SHAPE: case EXTENSION_MAJOR_SHAPE:
if (subj->ns->allowShape) if (subj->ns->allowShape == ALLOW)
goto pass; goto pass;
goto reject; goto reject;
/* only allowed if namespace has flag set */ /* only allowed if namespace has flag set */
case EXTENSION_MAJOR_XINPUT: case EXTENSION_MAJOR_XINPUT:
if (subj->ns->allowXInput) if (subj->ns->allowXInput == ALLOW)
goto pass; goto pass;
goto reject; goto reject;
} }

6
Xext/namespace/hook-ext-dispatch.c
View File

@ -39,7 +39,7 @@ void hookExtDispatch(CallbackListPtr *pcbl, void *unused, void *calldata)
/* allow several operations */ /* allow several operations */
case EXTENSION_MAJOR_XKEYBOARD: case EXTENSION_MAJOR_XKEYBOARD:
if (subj->ns->allowXKeyboard) if (subj->ns->allowXKeyboard == ALLOW)
goto pass; goto pass;
switch (client->minorOp) { switch (client->minorOp) {
case X_kbUseExtension: case X_kbUseExtension:
@ -56,11 +56,11 @@ void hookExtDispatch(CallbackListPtr *pcbl, void *unused, void *calldata)
/* allow if namespace has flag set */ /* allow if namespace has flag set */
case EXTENSION_MAJOR_SHAPE: case EXTENSION_MAJOR_SHAPE:
if (subj->ns->allowShape) if (subj->ns->allowShape == ALLOW)
goto pass; goto pass;
break; break;
case EXTENSION_MAJOR_XINPUT: case EXTENSION_MAJOR_XINPUT:
if (subj->ns->allowXInput) if (subj->ns->allowXInput == ALLOW)
goto pass; goto pass;
switch (client->minorOp) { switch (client->minorOp) {
case X_ListInputDevices: case X_ListInputDevices:

2
Xext/namespace/hook-receive.c
View File

@ -35,7 +35,7 @@ hookReceive(CallbackListPtr *pcbl, void *unused, void *calldata)
if (gev->extension == EXTENSION_MAJOR_XINPUT) { if (gev->extension == EXTENSION_MAJOR_XINPUT) {
switch (gev->evtype) { switch (gev->evtype) {
case XI_RawMotion: case XI_RawMotion:
if ((!subj->ns->allowMouseMotion) || !isRootWin(param->pWin)) if ((!(subj->ns->allowMouseMotion == ALLOW)) || !isRootWin(param->pWin))
goto reject; goto reject;
continue; continue;
case XI_RawKeyPress: case XI_RawKeyPress:

2
Xext/namespace/hook-resource.c
View File

@ -31,7 +31,7 @@ void hookResourceAccess(CallbackListPtr *pcbl, void *unused, void *calldata)
if (param->rtype == X11_RESTYPE_WINDOW) { if (param->rtype == X11_RESTYPE_WINDOW) {
WindowPtr pWindow = (WindowPtr) param->res; WindowPtr pWindow = (WindowPtr) param->res;
if (param->access_mode & DixCreateAccess) { if (param->access_mode & DixCreateAccess) {
if (!subj->ns->allowTransparency) { if (!(subj->ns->allowTransparency == ALLOW)) {
pWindow->forcedBG = TRUE; pWindow->forcedBG = TRUE;
} }
} }

16
Xext/namespace/namespace.h
View File

@ -10,6 +10,12 @@
#include "include/window.h" #include "include/window.h"
#include "include/windowstr.h" #include "include/windowstr.h"
enum Authlevel {
DENY,
ASK,
ALLOW,
};
struct auth_token { struct auth_token {
struct xorg_list entry; struct xorg_list entry;
const char *authProto; const char *authProto;
@ -22,11 +28,11 @@ struct Xnamespace {
struct xorg_list entry; struct xorg_list entry;
const char *name; const char *name;
Bool builtin; Bool builtin;
Bool allowMouseMotion; enum Authlevel allowMouseMotion;
Bool allowShape; enum Authlevel allowShape;
Bool allowTransparency; enum Authlevel allowTransparency;
Bool allowXInput; enum Authlevel allowXInput;
Bool allowXKeyboard; enum Authlevel allowXKeyboard;
Bool superPower; Bool superPower;
struct xorg_list auth_tokens; struct xorg_list auth_tokens;
size_t refcnt; size_t refcnt;