frederik
/
xserver
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

xselinux: adjust receive hook to use new synthetic_event class.

This commit is contained in:
Eamon Walsh 2007-11-14 12:23:29 -05:00 committed by Eamon Walsh
parent 45f884d79c
commit f207e69d62
1 changed files with 9 additions and 7 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

16
Xext/xselinux.c
View File

@ -532,7 +532,7 @@ SELinuxSend(CallbackListPtr *pcbl, pointer unused, pointer calldata)
if (rc != Success) if (rc != Success)
goto err; goto err;
auditdata.event = rec->events[i].u.u.type; auditdata.event = type;
rc = SELinuxDoCheck(clientIndex, subj, &ev_sid, class, rc = SELinuxDoCheck(clientIndex, subj, &ev_sid, class,
DixSendAccess, &auditdata); DixSendAccess, &auditdata);
if (rc != Success) if (rc != Success)
@ -547,9 +547,10 @@ static void
SELinuxReceive(CallbackListPtr *pcbl, pointer unused, pointer calldata) SELinuxReceive(CallbackListPtr *pcbl, pointer unused, pointer calldata)
{ {
XaceReceiveAccessRec *rec = calldata; XaceReceiveAccessRec *rec = calldata;
SELinuxStateRec *subj, *obj; SELinuxStateRec *subj, *obj, ev_sid;
SELinuxAuditRec auditdata = { .client = NULL }; SELinuxAuditRec auditdata = { .client = NULL };
int rc, i; security_class_t class;
int rc, i, type;
subj = dixLookupPrivate(&rec->client->devPrivates, stateKey); subj = dixLookupPrivate(&rec->client->devPrivates, stateKey);
obj = dixLookupPrivate(&rec->pWin->devPrivates, stateKey); obj = dixLookupPrivate(&rec->pWin->devPrivates, stateKey);
@ -562,14 +563,15 @@ SELinuxReceive(CallbackListPtr *pcbl, pointer unused, pointer calldata)
/* Check receive permission on specific event types */ /* Check receive permission on specific event types */
for (i = 0; i < rec->count; i++) { for (i = 0; i < rec->count; i++) {
SELinuxStateRec ev_sid; type = rec->events[i].u.u.type;
class = (type & 128) ? SECCLASS_X_FAKEEVENT : SECCLASS_X_EVENT;
rc = SELinuxEventToSID(rec->events[i].u.u.type, obj->sid, &ev_sid); rc = SELinuxEventToSID(type, obj->sid, &ev_sid);
if (rc != Success) if (rc != Success)
goto err; goto err;
auditdata.event = rec->events[i].u.u.type; auditdata.event = type;
rc = SELinuxDoCheck(rec->client->index, subj, &ev_sid, SECCLASS_X_EVENT, rc = SELinuxDoCheck(rec->client->index, subj, &ev_sid, class,
DixReceiveAccess, &auditdata); DixReceiveAccess, &auditdata);
if (rc != Success) if (rc != Success)
goto err; goto err;