From 59cebcd2e9302d15a52588ecafbbc2d2c5ae3a6c Mon Sep 17 00:00:00 2001 From: Eamon Walsh Date: Tue, 2 Oct 2007 13:39:25 -0400 Subject: [PATCH] xace: add creation hook for new input devices. Unfortunately, more information is needed to properly label the device. This will come from the configuration file, the hotplug messages, etc. It will either have to be passed into this function, or this hook moved down into the callers. --- dix/devices.c | 10 +++++++++- 1 file changed, 9 insertions(+), 1 deletion(-) diff --git a/dix/devices.c b/dix/devices.c index b6cb4a5c0..3395cd33d 100644 --- a/dix/devices.c +++ b/dix/devices.c @@ -119,7 +119,6 @@ AddInputDevice(DeviceProc deviceProc, Bool autoStart) dev->name = (char *)NULL; dev->type = 0; dev->id = devid; - inputInfo.numDevices++; dev->public.on = FALSE; dev->public.processInputProc = (ProcessInputProc)NoopDDA; dev->public.realInputProc = (ProcessInputProc)NoopDDA; @@ -156,6 +155,15 @@ AddInputDevice(DeviceProc deviceProc, Bool autoStart) dev->inited = FALSE; dev->enabled = FALSE; + /* security creation/labeling check + */ + if (XaceHook(XACE_DEVICE_ACCESS, serverClient, dev, DixCreateAccess)) { + xfree(dev); + return NULL; + } + + inputInfo.numDevices++; + for (prev = &inputInfo.off_devices; *prev; prev = &(*prev)->next) ; *prev = dev;