frederik
/
xserver
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

security: drop the "declare extension security" dix call. Use the 

SecurityPolicy configuration file instead.
This commit is contained in:
Eamon Walsh 2007-08-03 10:56:18 -04:00 committed by Eamon Walsh
parent e34fcd2bf4
commit d445d2f22b
10 changed files with 67 additions and 65 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

5
Xext/SecurityPolicy
View File

@ -86,3 +86,8 @@ property XDCCC_GRAY_CORRECTION root ar
# To let untrusted clients use the overlay visuals that many vendors
# support, include this line.
property SERVER_OVERLAY_VISUALS root ar
# Only trusted extensions can be used by untrusted clients
trust extension XC-MISC
trust extension BIG-REQUESTS
trust extension XpExtension

2
Xext/bigreq.c
View File

@ -66,8 +66,6 @@ BigReqExtensionInit(INITARGS)
ProcBigReqDispatch, ProcBigReqDispatch,
BigReqResetProc, StandardMinorOpcode);
#endif
DeclareExtensionSecurity(XBigReqExtensionName, TRUE);
}
/*ARGSUSED*/

102
Xext/security.c
View File

@ -63,8 +63,6 @@ typedef struct {
XID authId;
} SecurityClientStateRec;
#define EXTLEVEL(extnsn) ((Bool) \
dixLookupPrivate(DEVPRIV_PTR(extnsn), &stateKey))
#define HAVESTATE(client) (((SecurityClientStateRec *) \
dixLookupPrivate(DEVPRIV_PTR(client), &stateKey))->haveState)
#define TRUSTLEVEL(client) (((SecurityClientStateRec *) \
@ -74,6 +72,9 @@ typedef struct {
static CallbackListPtr SecurityValidateGroupCallback = NULL;
static char **SecurityTrustedExtensions = NULL;
static int nSecurityTrustedExtensions = 0;
RESTYPE SecurityAuthorizationResType; /* resource type for authorizations */
static RESTYPE RTEventClient;
@ -1210,10 +1211,13 @@ SecurityCheckExtAccess(CallbackListPtr *pcbl, pointer unused,
pointer calldata)
{
XaceExtAccessRec *rec = (XaceExtAccessRec*)calldata;
int i, trusted = 0;
if ((TRUSTLEVEL(rec->client) != XSecurityClientTrusted) &&
!EXTLEVEL(rec->ext))
for (i = 0; i < nSecurityTrustedExtensions; i++)
if (!strcmp(SecurityTrustedExtensions[i], rec->ext->name))
trusted = 1;
if ((TRUSTLEVEL(rec->client) != XSecurityClientTrusted) && !trusted)
rec->status = BadAccess;
}
@ -1235,16 +1239,6 @@ SecurityCheckHostlistAccess(CallbackListPtr *pcbl, pointer unused,
}
}
static void
SecurityDeclareExtSecure(CallbackListPtr *pcbl, pointer unused,
pointer calldata)
{
XaceDeclareExtSecureRec *rec = (XaceDeclareExtSecureRec*)calldata;
/* security state for extensions is simply a boolean trust value */
dixSetPrivate(DEVPRIV_PTR(rec->ext), &stateKey, (pointer)rec->secure);
}
/**********************************************************************/
typedef struct _PropertyAccessRec {
@ -1276,7 +1270,9 @@ static char *SecurityKeywords[] = {
#define SecurityKeywordRoot 3
"root",
#define SecurityKeywordAny 4
"any"
"any",
#define SecurityKeywordExtension 5
"trust extension",
};
#define NUMKEYWORDS (sizeof(SecurityKeywords) / sizeof(char *))
@ -1500,6 +1496,36 @@ SecurityParsePropertyAccessRule(
return TRUE;
} /* SecurityParsePropertyAccessRule */
static Bool
SecurityParseExtensionRule(
char *p)
{
char *extName = SecurityParseString(&p);
char *copyExtName;
char **newStrings;
if (!extName)
return FALSE;
copyExtName = (char *)Xalloc(strlen(extName) + 1);
if (!copyExtName)
return TRUE;
strcpy(copyExtName, extName);
newStrings = (char **)Xrealloc(SecurityTrustedExtensions,
sizeof (char *) * (nSecurityTrustedExtensions + 1));
if (!newStrings)
{
Xfree(copyExtName);
return TRUE;
}
SecurityTrustedExtensions = newStrings;
SecurityTrustedExtensions[nSecurityTrustedExtensions++] = copyExtName;
return TRUE;
} /* SecurityParseExtensionRule */
static char **SecurityPolicyStrings = NULL;
static int nSecurityPolicyStrings = 0;
@ -1558,6 +1584,21 @@ SecurityFreeSitePolicyStrings(void)
}
} /* SecurityFreeSitePolicyStrings */
static void
SecurityFreeTrustedExtensionStrings(void)
{
if (SecurityTrustedExtensions)
{
assert(nSecurityTrustedExtensions);
while (nSecurityTrustedExtensions--)
{
Xfree(SecurityTrustedExtensions[nSecurityTrustedExtensions]);
}
Xfree(SecurityTrustedExtensions);
SecurityTrustedExtensions = NULL;
nSecurityTrustedExtensions = 0;
}
} /* SecurityFreeSiteTrustedExtensions */
static void
SecurityLoadPropertyAccessList(void)
@ -1616,6 +1657,10 @@ SecurityLoadPropertyAccessList(void)
validLine = SecurityParseSitePolicy(p);
break;
case SecurityKeywordExtension:
validLine = SecurityParseExtensionRule(p);
break;
default:
validLine = (*p == '\0'); /* blank lines OK, others not */
break;
@ -1791,6 +1836,7 @@ SecurityResetProc(
ExtensionEntry *extEntry)
{
SecurityFreePropertyAccessList();
SecurityFreeTrustedExtensionStrings();
SecurityFreeSitePolicyStrings();
} /* SecurityResetProc */
@ -1811,32 +1857,6 @@ XSecurityOptions(argc, argv, i)
} /* XSecurityOptions */
/* SecurityExtensionSetup
*
* Arguments: none.
*
* Returns: nothing.
*
* Side Effects:
* Sets up the Security extension if possible.
* This function contains things that need to be done
* before any other extension init functions get called.
*/
void
SecurityExtensionSetup(INITARGS)
{
/* FIXME: this is here so it is registered before other extensions
* init themselves. This also required commit 5e946dd853a4ebc... to
* call the setup functions on each server reset.
*
* The extension security bit should be delivered in some other way,
* either in a symbol or in the module data.
*/
XaceRegisterCallback(XACE_DECLARE_EXT_SECURE, SecurityDeclareExtSecure, 0);
} /* SecurityExtensionSetup */
/* SecurityExtensionInit
*
* Arguments: none.

2
Xext/xcmisc.c
View File

@ -80,8 +80,6 @@ XCMiscExtensionInit(INITARGS)
ProcXCMiscDispatch, SProcXCMiscDispatch,
XCMiscResetProc, StandardMinorOpcode);
#endif
DeclareExtensionSecurity(XCMiscExtensionName, TRUE);
}
/*ARGSUSED*/

1
Xext/xprint.c
View File

@ -335,7 +335,6 @@ XpExtensionInit(INITARGS)
screenInfo.screens[i]->CloseScreen = XpCloseScreen;
}
}
DeclareExtensionSecurity(XP_PRINTNAME, TRUE);
}
static void

8
dix/extension.c
View File

@ -250,14 +250,6 @@ GetExtensionEntry(int major)
return extensions[major];
}
_X_EXPORT void
DeclareExtensionSecurity(char *extname, Bool secure)
{
int i = FindExtension(extname, strlen(extname));
if (i >= 0)
XaceHook(XACE_DECLARE_EXT_SECURE, extensions[i], secure);
}
_X_EXPORT unsigned short
StandardMinorOpcode(ClientPtr client)
{

1
hw/xfree86/dixmods/extmod/modinit.h
View File

@ -135,7 +135,6 @@ extern void XSELinuxExtensionInit(INITARGS);
#endif
#if 1
extern void SecurityExtensionSetup(INITARGS);
extern void SecurityExtensionInit(INITARGS);
#endif

1
hw/xfree86/loader/dixsym.c
View File

@ -200,7 +200,6 @@ _X_HIDDEN void *dixLookupTab[] = {
SYMFUNC(AddExtension)
SYMFUNC(AddExtensionAlias)
SYMFUNC(CheckExtension)
SYMFUNC(DeclareExtensionSecurity)
SYMFUNC(MinorOpcodeOfRequest)
SYMFUNC(StandardMinorOpcode)
#ifdef XEVIE

4
include/extnsionst.h
View File

@ -107,9 +107,5 @@ extern Bool AddExtensionAlias(
extern ExtensionEntry *CheckExtension(const char *extname);
extern ExtensionEntry *GetExtensionEntry(int major);
extern void DeclareExtensionSecurity(
char * /*extname*/,
Bool /*secure*/);
#endif /* EXTENSIONSTRUCT_H */

6
mi/miinitext.c
View File

@ -321,7 +321,6 @@ extern void XagExtensionInit(INITARGS);
extern void XaceExtensionInit(INITARGS);
#endif
#ifdef XCSECURITY
extern void SecurityExtensionSetup(INITARGS);
extern void SecurityExtensionInit(INITARGS);
#endif
#ifdef XSELINUX
@ -538,9 +537,6 @@ InitExtensions(argc, argv)
int argc;
char *argv[];
{
#ifdef XCSECURITY
SecurityExtensionSetup();
#endif
#ifdef XSELINUX
XSELinuxExtensionSetup();
#endif
@ -719,7 +715,7 @@ static ExtensionModule staticExtensions[] = {
{ XaceExtensionInit, XACE_EXTENSION_NAME, NULL, NULL, NULL },
#endif
#ifdef XCSECURITY
{ SecurityExtensionInit, SECURITY_EXTENSION_NAME, &noSecurityExtension, SecurityExtensionSetup, NULL },
{ SecurityExtensionInit, SECURITY_EXTENSION_NAME, &noSecurityExtension, NULL, NULL },
#endif
#ifdef XSELINUX
{ XSELinuxExtensionInit, XSELINUX_EXTENSION_NAME, NULL, XSELinuxExtensionSetup, NULL },