Merge 45505b1b17 into d403cbd25c

2025-07-04 13:43:31 -07:00 · 2025-07-04 13:43:31 -07:00 · 729c7a8ee1
parent d403cbd25c 45505b1b17
commit 729c7a8ee1
6 changed files with 90 additions and 22 deletions
--- a/Xext/namespace/config.c
+++ b/Xext/namespace/config.c
@ -8,11 +8,11 @@
 #include "namespace.h"

 struct Xnamespace ns_root = {
-    .allowMouseMotion = TRUE,
-    .allowShape = TRUE,
-    .allowTransparency = TRUE,
-    .allowXInput = TRUE,
-    .allowXKeyboard = TRUE,
+    .allowMouseMotion = ALLOW,
+    .allowShape = ALLOW,
+    .allowTransparency = ALLOW,
+    .allowXInput = ALLOW,
+    .allowXKeyboard = ALLOW,
    .builtin = TRUE,
    .name = NS_NAME_ROOT,
    .refcnt = 1,
@ -21,6 +21,11 @@ struct Xnamespace ns_root = {

 struct Xnamespace ns_anon = {
    .builtin = TRUE,
+    .allowMouseMotion = ASK,
+    .allowShape = ASK,
+    .allowTransparency = ASK,
+    .allowXInput = ASK,
+    .allowXKeyboard = ASK,
    .name = NS_NAME_ANONYMOUS,
    .refcnt = 1,
 };
@ -134,15 +139,55 @@ static void parseLine(char *line, struct Xnamespace **walk_ns)
        while ((token = strtok(NULL, " ")) != NULL)
        {
            if (strcmp(token, "mouse-motion") == 0)
-                curr->allowMouseMotion = TRUE;
+                curr->allowMouseMotion = ALLOW;
            else if (strcmp(token, "shape") == 0)
-                curr->allowShape = TRUE;
+                curr->allowShape = ALLOW;
            else if (strcmp(token, "transparency") == 0)
-                curr->allowTransparency = TRUE;
+                curr->allowTransparency = ALLOW;
            else if (strcmp(token, "xinput") == 0)
-                curr->allowXInput = TRUE;
+                curr->allowXInput = ALLOW;
            else if (strcmp(token, "xkeyboard") == 0)
-                curr->allowXKeyboard = TRUE;
+                curr->allowXKeyboard = ALLOW;
+            else
+                XNS_LOG("unknown allow: %s\n", token);
+        }
+        return;
+    }
+
+    if (strcmp(token, "ask") == 0)
+    {
+        while ((token = strtok(NULL, " ")) != NULL)
+        {
+            if (strcmp(token, "mouse-motion") == 0)
+                curr->allowMouseMotion = ASK;
+            else if (strcmp(token, "shape") == 0)
+                curr->allowShape = ASK;
+            else if (strcmp(token, "transparency") == 0)
+                curr->allowTransparency = ASK;
+            else if (strcmp(token, "xinput") == 0)
+                curr->allowXInput = ASK;
+            else if (strcmp(token, "xkeyboard") == 0)
+                curr->allowXKeyboard = ASK;
+            else
+                XNS_LOG("unknown allow: %s\n", token);
+        }
+        return;
+    }
+
+    if (strcmp(token, "deny") == 0)
+    {
+        while ((token = strtok(NULL, " ")) != NULL)
+        {
+            if (strcmp(token, "mouse-motion") == 0)
+                curr->allowMouseMotion = DENY;
+            else if (strcmp(token, "shape") == 0)
+                curr->allowShape = DENY;
+            else if (strcmp(token, "transparency") == 0)
+                curr->allowTransparency = DENY;
+            else if (strcmp(token, "xinput") == 0)
+                curr->allowXInput = DENY;
+            else if (strcmp(token, "xkeyboard") == 0)
+                curr->allowXKeyboard = DENY;
            else
                XNS_LOG("unknown allow: %s\n", token);
        }
--- a/Xext/namespace/hook-ext-access.c
+++ b/Xext/namespace/hook-ext-access.c
@ -43,13 +43,13 @@ void hookExtAccess(CallbackListPtr *pcbl, void *unused, void *calldata)

        /* only allowed if namespace has flag set */
        case EXTENSION_MAJOR_SHAPE:
-            if (subj->ns->allowShape)
+            if (XnsAuthAsk(*subj, Shape, subj->ns->allowShape))
                goto pass;
            goto reject;

        /* only allowed if namespace has flag set */
        case EXTENSION_MAJOR_XINPUT:
-            if (subj->ns->allowXInput)
+            if (XnsAuthAsk(*subj, XInput, subj->ns->allowXInput))
                goto pass;
            goto reject;
    }
--- a/Xext/namespace/hook-ext-dispatch.c
+++ b/Xext/namespace/hook-ext-dispatch.c
@ -39,7 +39,7 @@ void hookExtDispatch(CallbackListPtr *pcbl, void *unused, void *calldata)

        /* allow several operations */
        case EXTENSION_MAJOR_XKEYBOARD:
-            if (subj->ns->allowXKeyboard)
+            if (XnsAuthAsk(*subj, XKeyboard, subj->ns->allowXKeyboard))
                goto pass;
            switch (client->minorOp) {
                case X_kbUseExtension:
@ -56,11 +56,11 @@ void hookExtDispatch(CallbackListPtr *pcbl, void *unused, void *calldata)

        /* allow if namespace has flag set */
        case EXTENSION_MAJOR_SHAPE:
-            if (subj->ns->allowShape)
+            if (XnsAuthAsk(*subj, XKeyboard, subj->ns->allowShape))
                goto pass;
        break;
        case EXTENSION_MAJOR_XINPUT:
-            if (subj->ns->allowXInput)
+            if (XnsAuthAsk(*subj, XInput, subj->ns->allowXInput))
                goto pass;
            switch (client->minorOp) {
                case X_ListInputDevices:
--- a/Xext/namespace/hook-receive.c
+++ b/Xext/namespace/hook-receive.c
@ -35,7 +35,7 @@ hookReceive(CallbackListPtr *pcbl, void *unused, void *calldata)
                if (gev->extension == EXTENSION_MAJOR_XINPUT) {
                    switch (gev->evtype) {
                        case XI_RawMotion:
-                            if ((!subj->ns->allowMouseMotion) || !isRootWin(param->pWin))
+                            if (!XnsAuthAsk(*subj, Mouse, subj->ns->allowMouseMotion) || !isRootWin(param->pWin))
                                goto reject;
                            continue;
                        case XI_RawKeyPress:
--- a/Xext/namespace/hook-resource.c
+++ b/Xext/namespace/hook-resource.c
@ -31,7 +31,7 @@ void hookResourceAccess(CallbackListPtr *pcbl, void *unused, void *calldata)
    if (param->rtype == X11_RESTYPE_WINDOW) {
        WindowPtr pWindow = (WindowPtr) param->res;
        if (param->access_mode & DixCreateAccess) {
-            if (!subj->ns->allowTransparency) {
+            if (!XnsAuthAsk(*subj, Transparency, subj->ns->allowTransparency)) {
                pWindow->forcedBG = TRUE;
            }
        }
--- a/Xext/namespace/namespace.h
+++ b/Xext/namespace/namespace.h
@ -4,12 +4,27 @@
 #include <stdio.h>
 #include <X11/Xmd.h>

+#include "extension_priv.h"
 #include "include/dixstruct.h"
 #include "include/list.h"
 #include "include/privates.h"
 #include "include/window.h"
 #include "include/windowstr.h"

+enum Authlevel {
+	DENY,
+	ASK,
+	ALLOW,
+};
+
+enum AuthType {
+	Mouse = EXTENSION_MAJOR_XINPUT,
+	Shape =  EXTENSION_MAJOR_SHAPE,
+	Transparency = EXTENSION_MAJOR_SHAPE,
+	XInput = EXTENSION_MAJOR_XINPUT,
+	XKeyboard = EXTENSION_MAJOR_XKEYBOARD,
+};
+
 struct auth_token {
    struct xorg_list entry;
    const char *authProto;
@ -22,11 +37,11 @@ struct Xnamespace {
    struct xorg_list entry;
    const char *name;
    Bool builtin;
-    Bool allowMouseMotion;
-    Bool allowShape;
-    Bool allowTransparency;
-    Bool allowXInput;
-    Bool allowXKeyboard;
+    enum Authlevel allowMouseMotion;
+    enum Authlevel allowShape;
+    enum Authlevel allowTransparency;
+    enum Authlevel allowXInput;
+    enum Authlevel allowXKeyboard;
    Bool superPower;
    struct xorg_list auth_tokens;
    size_t refcnt;
@ -79,4 +94,12 @@ static inline Bool streq(const char *a, const char *b)
    return (strcmp(a,b) == 0);
 }

+static inline Bool XnsAuthAsk(struct XnamespaceClientPriv source, enum AuthType event, enum Authlevel authlevel) {
+	//TODO
+	//Should spawn a window that knows the window's name and namespace (source), and what has been
+	//requested (event) if the authlevel is ASK
+	if (authlevel == ALLOW) return TRUE;
+	return FALSE;
+};
+
 #endif /* __XSERVER_NAMESPACE_H */