security: drop the "declare extension security" dix call. Use the

SecurityPolicy configuration file instead.
2007-08-03 10:56:18 -04:00 · 2007-08-03 10:56:18 -04:00 · d445d2f22b
parent e34fcd2bf4
commit d445d2f22b
10 changed files with 67 additions and 65 deletions
--- a/Xext/SecurityPolicy
+++ b/Xext/SecurityPolicy
@ -86,3 +86,8 @@ property XDCCC_GRAY_CORRECTION	root	ar
 # To let untrusted clients use the overlay visuals that many vendors
 # support, include this line.
 property SERVER_OVERLAY_VISUALS	root	ar
 # Only trusted extensions can be used by untrusted clients
 trust extension XC-MISC
 trust extension BIG-REQUESTS
 trust extension XpExtension
--- a/Xext/bigreq.c
+++ b/Xext/bigreq.c
@ -66,8 +66,6 @@ BigReqExtensionInit(INITARGS)
 			ProcBigReqDispatch, ProcBigReqDispatch,
 			BigReqResetProc, StandardMinorOpcode);
 #endif
    DeclareExtensionSecurity(XBigReqExtensionName, TRUE);
 }
 /*ARGSUSED*/
--- a/Xext/security.c
+++ b/Xext/security.c
@ -63,8 +63,6 @@ typedef struct {
    XID authId;
 } SecurityClientStateRec;
 #define EXTLEVEL(extnsn) ((Bool) \
    dixLookupPrivate(DEVPRIV_PTR(extnsn), &stateKey))
 #define HAVESTATE(client) (((SecurityClientStateRec *) \
    dixLookupPrivate(DEVPRIV_PTR(client), &stateKey))->haveState)
 #define TRUSTLEVEL(client) (((SecurityClientStateRec *) \
@ -74,6 +72,9 @@ typedef struct {
 static CallbackListPtr SecurityValidateGroupCallback = NULL;
 static char **SecurityTrustedExtensions = NULL;
 static int nSecurityTrustedExtensions = 0;
 RESTYPE SecurityAuthorizationResType; /* resource type for authorizations */
 static RESTYPE RTEventClient;
@ -1210,10 +1211,13 @@ SecurityCheckExtAccess(CallbackListPtr *pcbl, pointer unused,
 		       pointer calldata)
 {
    XaceExtAccessRec *rec = (XaceExtAccessRec*)calldata;
    int i, trusted = 0;
-    if ((TRUSTLEVEL(rec->client) != XSecurityClientTrusted) &&
+    for (i = 0; i < nSecurityTrustedExtensions; i++)
-	!EXTLEVEL(rec->ext))
+	if (!strcmp(SecurityTrustedExtensions[i], rec->ext->name))
 	    trusted = 1;
    if ((TRUSTLEVEL(rec->client) != XSecurityClientTrusted) && !trusted)
 	rec->status = BadAccess;
 }
@ -1235,16 +1239,6 @@ SecurityCheckHostlistAccess(CallbackListPtr *pcbl, pointer unused,
    }
 }
 static void
 SecurityDeclareExtSecure(CallbackListPtr *pcbl, pointer unused,
 			 pointer calldata)
 {
    XaceDeclareExtSecureRec *rec = (XaceDeclareExtSecureRec*)calldata;
    /* security state for extensions is simply a boolean trust value */
    dixSetPrivate(DEVPRIV_PTR(rec->ext), &stateKey, (pointer)rec->secure);
 }
 /**********************************************************************/
 typedef struct _PropertyAccessRec {
@ -1276,7 +1270,9 @@ static char *SecurityKeywords[] = {
 #define SecurityKeywordRoot 3
    "root",
 #define SecurityKeywordAny 4
-    "any"
+    "any",
 #define SecurityKeywordExtension 5
    "trust extension",
 };
 #define NUMKEYWORDS (sizeof(SecurityKeywords) / sizeof(char *))
@ -1500,6 +1496,36 @@ SecurityParsePropertyAccessRule(
    return TRUE;
 } /* SecurityParsePropertyAccessRule */
 static Bool
 SecurityParseExtensionRule(
    char *p)
 {
    char *extName = SecurityParseString(&p);
    char *copyExtName;
    char **newStrings;
    if (!extName)
 	return FALSE;
    copyExtName = (char *)Xalloc(strlen(extName) + 1);
    if (!copyExtName)
 	return TRUE;
    strcpy(copyExtName, extName);
    newStrings = (char **)Xrealloc(SecurityTrustedExtensions,
 			  sizeof (char *) * (nSecurityTrustedExtensions + 1));
    if (!newStrings)
    {
 	Xfree(copyExtName);
 	return TRUE;
    }
    SecurityTrustedExtensions = newStrings;
    SecurityTrustedExtensions[nSecurityTrustedExtensions++] = copyExtName;
    return TRUE;
 } /* SecurityParseExtensionRule */
 static char **SecurityPolicyStrings = NULL;
 static int nSecurityPolicyStrings = 0;
@ -1558,6 +1584,21 @@ SecurityFreeSitePolicyStrings(void)
    }
 } /* SecurityFreeSitePolicyStrings */
 static void
 SecurityFreeTrustedExtensionStrings(void)
 {
    if (SecurityTrustedExtensions)
    {
 	assert(nSecurityTrustedExtensions);
 	while (nSecurityTrustedExtensions--)
 	{
 	    Xfree(SecurityTrustedExtensions[nSecurityTrustedExtensions]);
 	}
 	Xfree(SecurityTrustedExtensions);
 	SecurityTrustedExtensions = NULL;
 	nSecurityTrustedExtensions = 0;
    }
 } /* SecurityFreeSiteTrustedExtensions */
 static void
 SecurityLoadPropertyAccessList(void)
@ -1616,6 +1657,10 @@ SecurityLoadPropertyAccessList(void)
 		    validLine = SecurityParseSitePolicy(p);
 		break;
 		case SecurityKeywordExtension:
 		    validLine = SecurityParseExtensionRule(p);
 		break;
 		default:
 		    validLine = (*p == '\0'); /* blank lines OK, others not */
 		break;
@ -1791,6 +1836,7 @@ SecurityResetProc(
    ExtensionEntry *extEntry)
 {
    SecurityFreePropertyAccessList();
    SecurityFreeTrustedExtensionStrings();
    SecurityFreeSitePolicyStrings();
 } /* SecurityResetProc */
@ -1811,32 +1857,6 @@ XSecurityOptions(argc, argv, i)
 } /* XSecurityOptions */
 /* SecurityExtensionSetup
 *
 * Arguments: none.
 *
 * Returns: nothing.
 *
 * Side Effects:
 *	Sets up the Security extension if possible.
 *      This function contains things that need to be done
 *      before any other extension init functions get called.
 */
 void
 SecurityExtensionSetup(INITARGS)
 {
    /* FIXME: this is here so it is registered before other extensions
     * init themselves.  This also required commit 5e946dd853a4ebc... to
     * call the setup functions on each server reset.
     *
     * The extension security bit should be delivered in some other way,
     * either in a symbol or in the module data.
     */
    XaceRegisterCallback(XACE_DECLARE_EXT_SECURE, SecurityDeclareExtSecure, 0);
 } /* SecurityExtensionSetup */
 /* SecurityExtensionInit
 *
 * Arguments: none.
--- a/Xext/xcmisc.c
+++ b/Xext/xcmisc.c
@ -80,8 +80,6 @@ XCMiscExtensionInit(INITARGS)
 			ProcXCMiscDispatch, SProcXCMiscDispatch,
 			XCMiscResetProc, StandardMinorOpcode);
 #endif
    DeclareExtensionSecurity(XCMiscExtensionName, TRUE);
 }
 /*ARGSUSED*/
--- a/Xext/xprint.c
+++ b/Xext/xprint.c
@ -335,7 +335,6 @@ XpExtensionInit(INITARGS)
 	    screenInfo.screens[i]->CloseScreen = XpCloseScreen;
 	}
    }
    DeclareExtensionSecurity(XP_PRINTNAME, TRUE);
 }
 static void
--- a/dix/extension.c
+++ b/dix/extension.c
@ -250,14 +250,6 @@ GetExtensionEntry(int major)
    return extensions[major];
 }
 _X_EXPORT void
 DeclareExtensionSecurity(char *extname, Bool secure)
 {
    int i = FindExtension(extname, strlen(extname));
    if (i >= 0)
 	XaceHook(XACE_DECLARE_EXT_SECURE, extensions[i], secure);
 }
 _X_EXPORT unsigned short
 StandardMinorOpcode(ClientPtr client)
 {
--- a/hw/xfree86/dixmods/extmod/modinit.h
+++ b/hw/xfree86/dixmods/extmod/modinit.h
@ -135,7 +135,6 @@ extern void XSELinuxExtensionInit(INITARGS);
 #endif
 #if 1
 extern void SecurityExtensionSetup(INITARGS);
 extern void SecurityExtensionInit(INITARGS);
 #endif
--- a/hw/xfree86/loader/dixsym.c
+++ b/hw/xfree86/loader/dixsym.c
@ -200,7 +200,6 @@ _X_HIDDEN void *dixLookupTab[] = {
    SYMFUNC(AddExtension)
    SYMFUNC(AddExtensionAlias)
    SYMFUNC(CheckExtension)
    SYMFUNC(DeclareExtensionSecurity)
    SYMFUNC(MinorOpcodeOfRequest)
    SYMFUNC(StandardMinorOpcode)
 #ifdef XEVIE
--- a/include/extnsionst.h
+++ b/include/extnsionst.h
@ -107,9 +107,5 @@ extern Bool AddExtensionAlias(
 extern ExtensionEntry *CheckExtension(const char *extname);
 extern ExtensionEntry *GetExtensionEntry(int major);
 extern void DeclareExtensionSecurity(
    char * /*extname*/,
    Bool /*secure*/);
 #endif /* EXTENSIONSTRUCT_H */
--- a/mi/miinitext.c
+++ b/mi/miinitext.c
@ -321,7 +321,6 @@ extern void XagExtensionInit(INITARGS);
 extern void XaceExtensionInit(INITARGS);
 #endif
 #ifdef XCSECURITY
 extern void SecurityExtensionSetup(INITARGS);
 extern void SecurityExtensionInit(INITARGS);
 #endif
 #ifdef XSELINUX
@ -538,9 +537,6 @@ InitExtensions(argc, argv)
    int		argc;
    char	*argv[];
 {
 #ifdef XCSECURITY
    SecurityExtensionSetup();
 #endif
 #ifdef XSELINUX
    XSELinuxExtensionSetup();
 #endif
@ -719,7 +715,7 @@ static ExtensionModule staticExtensions[] = {
    { XaceExtensionInit, XACE_EXTENSION_NAME, NULL, NULL, NULL },
 #endif
 #ifdef XCSECURITY
-    { SecurityExtensionInit, SECURITY_EXTENSION_NAME, &noSecurityExtension, SecurityExtensionSetup, NULL },
+    { SecurityExtensionInit, SECURITY_EXTENSION_NAME, &noSecurityExtension, NULL, NULL },
 #endif
 #ifdef XSELINUX
    { XSELinuxExtensionInit, XSELINUX_EXTENSION_NAME, NULL, XSELinuxExtensionSetup, NULL },