Xnamespace: whitelist some XI operations

Whitelisting some XI operations in various hooks. Note that some additional filtering needs to be done in send or receive hook in order to prevent clients to receive possibly sensible input data from the root window. Signed-off-by: Enrico Weigelt, metux IT consult <info@metux.net>
2025-03-25 13:25:58 +01:00 · 2025-03-25 13:25:58 +01:00 · 8df9373199
parent 0a90e70a01
commit 8df9373199
3 changed files with 28 additions and 0 deletions
--- a/Xext/namespace/hook-device.c
+++ b/Xext/namespace/hook-device.c
@ -2,6 +2,8 @@

 #include <dix-config.h>

+#include <X11/extensions/XIproto.h>
+#include <X11/extensions/XI2proto.h>
 #include <X11/extensions/XKB.h>

 #include "dix/dix_priv.h"
@ -41,6 +43,15 @@ void hookDevice(CallbackListPtr *pcbl, void *unused, void *calldata)
                    XNS_HOOK_LOG("BLOCKED unhandled XKEYBOARD %s\n", LookupRequestName(client->majorOp, client->minorOp));
                    goto block;
            }
+        case EXTENSION_MAJOR_XINPUT:
+            switch (client->minorOp) {
+                case X_ListInputDevices:
+                case X_XIQueryDevice:
+                    goto pass;
+                default:
+                    XNS_HOOK_LOG("BLOCKED unhandled Xinput request\n");
+                    goto block;
+            }
    }

 block:
--- a/Xext/namespace/hook-ext-dispatch.c
+++ b/Xext/namespace/hook-ext-dispatch.c
@ -6,6 +6,7 @@
 #include <X11/Xdefs.h> // syncproto.h is broken
 #include <X11/Xmd.h>
 #include <X11/extensions/syncproto.h>
+#include <X11/extensions/XIproto.h>
 #include <X11/extensions/XKB.h>
 #include <X11/extensions/xfixeswire.h>

@ -61,6 +62,10 @@ void hookExtDispatch(CallbackListPtr *pcbl, void *unused, void *calldata)
        case EXTENSION_MAJOR_XINPUT:
            if (subj->ns->allowXInput)
                goto pass;
+            switch (client->minorOp) {
+                case X_ListInputDevices:
+                    goto pass;
+            }
        break;

        case EXTENSION_MAJOR_XFIXES:
--- a/Xext/namespace/hook-resource.c
+++ b/Xext/namespace/hook-resource.c
@ -2,7 +2,10 @@

 #include <dix-config.h>

+#include <X11/extensions/XI2proto.h>
+
 #include "dix/dix_priv.h"
+#include "dix/extension_priv.h"
 #include "dix/window_priv.h"
 #include "Xext/xacestr.h"

@ -87,6 +90,15 @@ void hookResourceAccess(CallbackListPtr *pcbl, void *unused, void *calldata)
                case X_SendEvent:
                    /* send hook needs to take care of this */
                    goto pass;
+
+                case EXTENSION_MAJOR_XINPUT:
+                    switch(client->minorOp) {
+                        // needed by xeyes. we should filter the mask
+                        case X_XISelectEvents:
+                            goto pass;
+                    }
+                    XNS_HOOK_LOG("unhandled XI operation on (real) root window\n");
+                    goto reject;
            }
        }
    }