frederik
/
xserver
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

xselinux: use the new ResourceStateCallback instead of the XACE_WINDOW_INIT hook.

This commit is contained in:
Eamon Walsh 2007-03-19 17:04:51 -04:00 committed by Eamon Walsh
parent 6a89106e9c
commit 78c962da76
1 changed files with 17 additions and 8 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

25
Xext/xselinux.c
View File

@ -1217,26 +1217,34 @@ XSELinuxClientState(CallbackListPtr *pcbl, pointer unused, pointer calldata)
/* Labeling callbacks */ /* Labeling callbacks */
static void static void
XSELinuxWindowInit(CallbackListPtr *pcbl, pointer unused, pointer calldata) XSELinuxResourceState(CallbackListPtr *pcbl, pointer unused, pointer calldata)
{ {
XaceWindowRec *rec = (XaceWindowRec*)calldata; ResourceStateInfoRec *rec = (ResourceStateInfoRec *)calldata;
WindowPtr pWin;
ClientPtr client;
security_context_t ctx; security_context_t ctx;
int rc; int rc;
if (HAVESTATE(rec->client)) { if (rec->type != RT_WINDOW)
rc = avc_sid_to_context(SID(rec->client), &ctx); return;
pWin = (WindowPtr)rec->value;
client = wClient(pWin);
if (HAVESTATE(client)) {
rc = avc_sid_to_context(SID(client), &ctx);
if (rc < 0) if (rc < 0)
FatalError("XSELinux: Failed to get security context!\n"); FatalError("XSELinux: Failed to get security context!\n");
rc = ChangeWindowProperty(rec->pWin, atom_client_ctx, XA_STRING, 8, rc = ChangeWindowProperty(pWin, atom_client_ctx, XA_STRING, 8,
PropModeReplace, strlen(ctx), ctx, FALSE); PropModeReplace, strlen(ctx), ctx, FALSE);
freecon(ctx); freecon(ctx);
} }
else else
rc = ChangeWindowProperty(rec->pWin, atom_client_ctx, XA_STRING, 8, rc = ChangeWindowProperty(pWin, atom_client_ctx, XA_STRING, 8,
PropModeReplace, 10, "UNLABELED!", FALSE); PropModeReplace, 10, "UNLABELED!", FALSE);
if (rc != Success) if (rc != Success)
FatalError("XSELinux: Failed to set context property on window!\n"); FatalError("XSELinux: Failed to set context property on window!\n");
} /* XSELinuxWindowInit */ } /* XSELinuxResourceState */
static char *XSELinuxKeywords[] = { static char *XSELinuxKeywords[] = {
#define XSELinuxKeywordComment 0 #define XSELinuxKeywordComment 0
@ -1836,6 +1844,8 @@ XSELinuxExtensionInit(INITARGS)
if (!AddCallback(&ClientStateCallback, XSELinuxClientState, NULL)) if (!AddCallback(&ClientStateCallback, XSELinuxClientState, NULL))
return; return;
if (!AddCallback(&ResourceStateCallback, XSELinuxResourceState, NULL))
return;
/* Create atoms for doing window labeling */ /* Create atoms for doing window labeling */
atom_ctx = MakeAtom("_SELINUX_CONTEXT", 16, 1); atom_ctx = MakeAtom("_SELINUX_CONTEXT", 16, 1);
@ -1870,7 +1880,6 @@ XSELinuxExtensionInit(INITARGS)
XaceRegisterCallback(XACE_BACKGRND_ACCESS, XSELinuxBackgrnd, NULL); XaceRegisterCallback(XACE_BACKGRND_ACCESS, XSELinuxBackgrnd, NULL);
XaceRegisterCallback(XACE_DRAWABLE_ACCESS, XSELinuxDrawable, NULL); XaceRegisterCallback(XACE_DRAWABLE_ACCESS, XSELinuxDrawable, NULL);
XaceRegisterCallback(XACE_PROPERTY_ACCESS, XSELinuxProperty, NULL); XaceRegisterCallback(XACE_PROPERTY_ACCESS, XSELinuxProperty, NULL);
XaceRegisterCallback(XACE_WINDOW_INIT, XSELinuxWindowInit, NULL);
/* XaceRegisterCallback(XACE_DECLARE_EXT_SECURE, XSELinuxDeclare, NULL); /* XaceRegisterCallback(XACE_DECLARE_EXT_SECURE, XSELinuxDeclare, NULL);
XaceRegisterCallback(XACE_DEVICE_ACCESS, XSELinuxDevice, NULL); */ XaceRegisterCallback(XACE_DEVICE_ACCESS, XSELinuxDevice, NULL); */