Up until now, xorg_list's always need to be explicitly initialized by
calling xorg_list_init(), otherwise next access attempt will segfault.
This is adding extra complexity and risk of subtle bugs.
Adding some extra NULL check are trivial and their cost is so tiny
that it's even hard to practically measure.
Signed-off-by: Enrico Weigelt, metux IT consult <info@metux.net>
This helper checks whether a given XID belongs to some screen's
root window. It does so by looking up the window and comparing that
with the window's screen's root window pointer. The resource lookup
is intentionally being on behalf of the serverClient, so the fired
XACE hook doesn't treat it as an actual client's request.
It's explicitly designed for being used by callback handlers.
Signed-off-by: Enrico Weigelt, metux IT consult <info@metux.net>
Add a little helper that's looking up the ClientPtr to the client
of the owner of given XID. The lookup is solely done on the ID space,
the actual resource doesn't even need to exist.
Signed-off-by: Enrico Weigelt, metux IT consult <info@metux.net>
Add hooks for filtering and fully rewrite rewrite selection requests
and events (what existing XACE hooks cannot do), e.g. for supporting
separate selection name spaces.
The hook can change individual fields in the parameter struct, so
operation continues with these changed values (eg. replace the original
selection name atom by a different one). It's also possible to stop
operations completely (with given result code) - in that case the
hook needs to take care of the remaining work to do (eg. sending events)
Signed-off-by: Enrico Weigelt, metux IT consult <info@metux.net>
This hook allows extensions to intercept client requests for changing
window attributes. It can either change the parameters or skip the
entire call (eg. handle all itself) so just the hook provided result
code is returned to the client.
Signed-off-by: Enrico Weigelt, metux IT consult <info@metux.net>
a) no need to checking for win->optional == NULL before calling
MakeWindowOptional(), because it checks itself
(except some cases where it's presence has it's own semantics,
or prevent unnecessary allocations)
b) lots of call sites didn't check for allocation failure.
Signed-off-by: Enrico Weigelt, metux IT consult <info@metux.net>
Allow extensions to catch in right after a screen's root window has
been finally initialized
Signed-off-by: Enrico Weigelt, metux IT consult <info@metux.net>
a) an internal function that's not used by any drivers
b) conflicting with function/define of same name on win32
Signed-off-by: Enrico Weigelt, metux IT consult <info@metux.net>
When destroying a resource, the lookup needs to be done with
DixDestroyAccess (instead of DixWriteAccess) flag - otherwise
xace hooks can't properly differenciate what's happening.
Signed-off-by: Enrico Weigelt, metux IT consult <info@metux.net>
Fixes: 6c46645cfc
Several places outside Xi (eg. dix, security hooks, ...) need to know the
actual XI base opcode. This formerly had been done by a global variable,
which is filled on XI init. This has some drawbacks, eg. requires that
XI really is initialized before anybody else attempting to access this
variable - changes in extension init order could be dangerous.
Since extension opcodes are now (compile-time) fixed for all known
extensions (including XI), this isn't needed anymore. We can really
rely on the XI extension always having the same opcode base. So we
can drop that variable entirely and use the corresponding define instead.
Signed-off-by: Enrico Weigelt, metux IT consult <info@metux.net>
Assign fixed opcodes for known (in-tree) extensions and add
defines for them. Other places (eg. security extensions) that
need to know those opcodes now can directly use those defines
not having to look them up at runtime.
Signed-off-by: Enrico Weigelt, metux IT consult <info@metux.net>
In order to allow extensions being registered at fixed opcodes,
there need to be a reserved slot range. Thus `NumExtensions` needs
to start out with the upper ceiling of the reserved slot space.
Thus it cannot tell whether the array already had been allocated,
and some slots now may be NULL, so we need some extra checks.
Signed-off-by: Enrico Weigelt, metux IT consult <info@metux.net>
Using simple case statements with actual opcode define's instead
of call vector arrays where the exact order matters.
Signed-off-by: Enrico Weigelt, metux IT consult <info@metux.net>
Protect the Add() proto funcs from adding duplicate auth keys.
If adding a duplicate is attempted, the XID of the already
existing one is returned instead.
Signed-off-by: Enrico Weigelt, metux IT consult <info@metux.net>
No need for loading the address into temporary variable and later doing
indirect call, since we can easily do direct call in each branch.
Signed-off-by: Enrico Weigelt, metux IT consult <info@metux.net>
XID = 0 already is used as sign for error in several places,
so let's use that here, too.
Signed-off-by: Enrico Weigelt, metux IT consult <info@metux.net>
Generate the auth object XIDs inside the proto funcs and only
on success, so we don't unnecessarily allocate XIDs.
Signed-off-by: Enrico Weigelt, metux IT consult <info@metux.net>
No need to explicitly hard-code strings lengths when we can use
standard strlen(). Those code pathes are so cold that trying to
spare a few cycled for an (usually inlined) strlen() doesn't seem
to justify any extra care.
Signed-off-by: Enrico Weigelt, metux IT consult <info@metux.net>
The code is easier to understand, but also more robust (eg. against struct
layout changes) if structs are initialized with explicit field names
instead of as lists.
Signed-off-by: Enrico Weigelt, metux IT consult <info@metux.net>
Some callers treating XID = 0 as a sign for non-existing resource.
Practically should not happen, but nevertheless adding extra
protection, just in case.
Signed-off-by: Enrico Weigelt, metux IT consult <info@metux.net>
Consolidate the screen destruction code in its own function and
so move it out of the big main loop.
Signed-off-by: Enrico Weigelt, metux IT consult <info@metux.net>
Instead of retrieving the screen index from ScreenRec and passing this,
so the ScreenRec is looked up again, just pass in the ScreenPtr that
already have anyways.
Signed-off-by: Enrico Weigelt, metux IT consult <info@metux.net>
Make it possible to call FreeGC() w/o prior NULL checks.
In case of NULL, BadMatch is returned.
Signed-off-by: Enrico Weigelt, metux IT consult <info@metux.net>
No need to have it ripped into two pieces, just making upcoming
changes more complicated.
Signed-off-by: Enrico Weigelt, metux IT consult <info@metux.net>
Pass each client we're considering to report through XaceHookClientAccess(),
so security extensions have a chance to filter them out.
Signed-off-by: Enrico Weigelt, metux IT consult <info@metux.net>
Pass each client we're considering to report through XaceHookClientAccess(),
so security extensions have a chance to filter them out.
Signed-off-by: Enrico Weigelt, metux IT consult <info@metux.net>
Pass each client we're considering to report through XaceHookClientAccess(),
so security extensions have a chance to filter them out.
Signed-off-by: Enrico Weigelt, metux IT consult <info@metux.net>
Pass each client we're considering to report through XaceHookClientAccess(),
so security extensions have a chance to filter them out.
Signed-off-by: Enrico Weigelt, metux IT consult <info@metux.net>
Request handlers aren't supposed to be called by external drivers directly,
so no need to keep them in the public SDK API.
Signed-off-by: Enrico Weigelt, metux IT consult <info@metux.net>
This type is should be used instead of plain int for all functions
returning and X error code (that's possibly sent to the client),
in order to make return value semantics clear to the humen reader.
(for the compiler, it still will be just an int)
Signed-off-by: Enrico Weigelt, metux IT consult <info@metux.net>
Adding a macro for specifying nonnull attributes, for easier future
transition to new C23 attributes or supporting strange compilers that
don't understand this attribute.
The purpose of using those attributes is aiding compiler warnings and
potential optimizations.
Signed-off-by: Enrico Weigelt, metux IT consult <info@metux.net>
Enrico Weigelt, metux IT consult
Alan Coopersmith