Xnamespace: property access hook

Filter property access. Right now just allowed inside same namespace,
or when caller is in root namespace.

Signed-off-by: Enrico Weigelt, metux IT consult <info@metux.net>

Xext/namespace/hook-property.c

@@ -0,0 +1,47 @@
+#define HOOK_NAME "property"
+
+#include <dix-config.h>
+
+#include <stdio.h>
+
+#include "dix/dix_priv.h"
+#include "dix/registry_priv.h"
+#include "include/propertyst.h"
+#include "Xext/xacestr.h"
+
+#include "namespace.h"
+#include "hooks.h"
+
+static inline Bool winIsRoot(WindowPtr pWin) {
+    if (!pWin)
+        return FALSE;
+    if (pWin->drawable.pScreen->root == pWin)
+        return TRUE;
+    return FALSE;
+}
+
+void hookPropertyAccess(CallbackListPtr *pcbl, void *unused, void *calldata)
+{
+    XNS_HOOK_HEAD(XacePropertyAccessRec);
+    struct XnamespaceClientPriv *obj = XnsClientPriv(dixClientForWindow(param->pWin));
+
+    ATOM name = (*param->ppProp)->propertyName;
+
+    if (XnsClientSameNS(subj, obj))
+        return;
+
+    if (param->pWin == subj->ns->rootWindow)
+        return;
+
+    if (winIsRoot(param->pWin)) {
+        XNS_HOOK_LOG("window is the screen's root window\n");
+    } else {
+        XNS_HOOK_LOG("not a root window\n");
+    }
+
+    XNS_HOOK_LOG("access to property %s (atom 0x%x) window 0x%lx of client %d\n",
+        NameForAtom(name),
+        name,
+        (unsigned long)param->pWin->drawable.id,
+        dixClientForWindow(param->pWin)->index);
+}

Xext/namespace/hooks.h

@@ -30,6 +30,7 @@ void hookDevice(CallbackListPtr *pcbl, void *unused, void *calldata);
 void hookExtAccess(CallbackListPtr *pcbl, void *unused, void *calldata);
 void hookExtDispatch(CallbackListPtr *pcbl, void *unused, void *calldata);
 void hookInitRootWindow(CallbackListPtr *pcbl, void *unused, void *calldata);
+void hookPropertyAccess(CallbackListPtr *pcbl, void *unused, void *calldata);
 void hookReceive(CallbackListPtr *pcbl, void *unused, void *calldata);
 void hookResourceAccess(CallbackListPtr *pcbl, void *unused, void *calldata);
 void hookSelectionFilter(CallbackListPtr *pcbl, void *unused, void *calldata);

Xext/namespace/meson.build

@@ -8,6 +8,7 @@ libxserver_namespace = static_library(
 		'hook-ext-access.c',
 		'hook-ext-dispatch.c',
 		'hook-init-rootwindow.c',
+		'hook-property.c',
 		'hook-receive.c',
 		'hook-resource.c',
 		'hook-selection.c',

Xext/namespace/namespace.c

@@ -38,6 +38,7 @@ NamespaceExtensionInit(void)
           XaceRegisterCallback(XACE_DEVICE_ACCESS, hookDevice, NULL) &&
           XaceRegisterCallback(XACE_EXT_DISPATCH, hookExtDispatch, NULL) &&
           XaceRegisterCallback(XACE_EXT_ACCESS, hookExtAccess, NULL) &&
+          XaceRegisterCallback(XACE_PROPERTY_ACCESS, hookPropertyAccess, NULL) &&
           XaceRegisterCallback(XACE_RECEIVE_ACCESS, hookReceive, NULL) &&
           XaceRegisterCallback(XACE_RESOURCE_ACCESS, hookResourceAccess, NULL) &&
           XaceRegisterCallback(XACE_SEND_ACCESS, hookSend, NULL) &&