Merge branch 'server-1.7-branch' of git://anongit.freedesktop.org/~ewalsh/xserver into server-1.7-nominations

Peter Hutterer 2009-10-22 13:31:21 +10:00
commit 4b9979ae19
9 changed files with 128 additions and 74 deletions


@ -544,7 +544,7 @@ SELinuxLabelResource(XaceResourceAccessRec *rec, SELinuxSubjectRec *subj,
security_id_t tsid;
/* Check for a create context */
if (rec->rtype == RT_WINDOW && subj->win_create_sid) {
if (rec->rtype & RC_DRAWABLE && subj->win_create_sid) {
sidget(obj->sid = subj->win_create_sid);
return Success;
}
@ -662,6 +662,7 @@ SELinuxDevice(CallbackListPtr *pcbl, pointer unused, pointer calldata)
SELinuxSubjectRec *subj;
SELinuxObjectRec *obj;
SELinuxAuditRec auditdata = { .client = rec->client, .dev = rec->dev };
security_class_t cls;
int rc;
subj = dixLookupPrivate(&rec->client->devPrivates, subjectKey);
@ -686,19 +687,8 @@ SELinuxDevice(CallbackListPtr *pcbl, pointer unused, pointer calldata)
}
}
/* XXX only check read permission on XQueryKeymap */
/* This is to allow the numerous apps that call XQueryPointer to work */
if (rec->access_mode & DixReadAccess) {
ClientPtr client = rec->client;
REQUEST(xReq);
if (stuff && stuff->reqType != X_QueryKeymap) {
rec->access_mode &= ~DixReadAccess;
rec->access_mode |= DixGetAttrAccess;
}
}
rc = SELinuxDoCheck(subj, obj, SECCLASS_X_DEVICE, rec->access_mode,
&auditdata);
cls = IsPointerDevice(rec->dev) ? SECCLASS_X_POINTER : SECCLASS_X_KEYBOARD;
rc = SELinuxDoCheck(subj, obj, cls, rec->access_mode, &auditdata);
if (rc != Success)
rec->status = rc;
}
@ -1958,8 +1948,10 @@ SELinuxExtensionInit(INITARGS)
}
/* Don't init unless there's something to do */
if (!security_get_boolean_active("xserver_object_manager"))
if (!security_get_boolean_active("xserver_object_manager")) {
LogMessage(X_INFO, "SELinux: Disabled by boolean\n");
return;
}
/* Check SELinux mode in configuration file */
switch(selinuxEnforcingState) {
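Review bot: In SELinuxDevice, `cls = IsPointerDevice(rec->dev) ? SECCLASS_X_POINTER : SECCLASS_X_KEYBOARD;` files every device that is not a pointer under x_keyboard, and how a device with both keys and pointer capabilities is classified depends on IsPointerDevice, which is defined outside this diff. A comment at that line would tell policy writers which class governs such devices, for example `/* checked as x_pointer when IsPointerDevice() is true, as x_keyboard otherwise */`. Because the same hunk drops the downgrade of DixReadAccess to DixGetAttrAccess, any caller that still requests DixReadAccess now gets a real denial. The handlers touched in this commit account for that, but callers outside the diff are worth auditing. SELinuxDevice starts and ends outside the hunk.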


@ -150,12 +150,13 @@ typedef struct {
#define SECCLASS_X_SELECTION 7
#define SECCLASS_X_CURSOR 8
#define SECCLASS_X_CLIENT 9
#define SECCLASS_X_DEVICE 10
#define SECCLASS_X_SERVER 11
#define SECCLASS_X_EXTENSION 12
#define SECCLASS_X_EVENT 13
#define SECCLASS_X_FAKEEVENT 14
#define SECCLASS_X_RESOURCE 15
#define SECCLASS_X_POINTER 10
#define SECCLASS_X_KEYBOARD 11
#define SECCLASS_X_SERVER 12
#define SECCLASS_X_EXTENSION 13
#define SECCLASS_X_EVENT 14
#define SECCLASS_X_FAKEEVENT 15
#define SECCLASS_X_RESOURCE 16
/* Mapping from DixAccess bits to Flask permissions */
static struct security_class_mapping map[] = {
@ -370,7 +371,37 @@ static struct security_class_mapping map[] = {
"", /* DixUseAccess */
"manage", /* DixManageAccess */
NULL }},
{ "x_device",
{ "x_pointer",
{ "read", /* DixReadAccess */
"write", /* DixWriteAccess */
"destroy", /* DixDestroyAccess */
"create", /* DixCreateAccess */
"getattr", /* DixGetAttrAccess */
"setattr", /* DixSetAttrAccess */
"list_property", /* DixListPropAccess */
"get_property", /* DixGetPropAccess */
"set_property", /* DixSetPropAccess */
"getfocus", /* DixGetFocusAccess */
"setfocus", /* DixSetFocusAccess */
"", /* DixListAccess */
"add", /* DixAddAccess */
"remove", /* DixRemoveAccess */
"", /* DixHideAccess */
"", /* DixShowAccess */
"", /* DixBlendAccess */
"grab", /* DixGrabAccess */
"freeze", /* DixFreezeAccess */
"force_cursor", /* DixForceAccess */
"", /* DixInstallAccess */
"", /* DixUninstallAccess */
"", /* DixSendAccess */
"", /* DixReceiveAccess */
"use", /* DixUseAccess */
"manage", /* DixManageAccess */
"", /* DixDebugAccess */
"bell", /* DixBellAccess */
NULL }},
{ "x_keyboard",
{ "read", /* DixReadAccess */
"write", /* DixWriteAccess */
"destroy", /* DixDestroyAccess */
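Review bot: The SECCLASS_X_* values renumbered in the first hunk appear to be positions in `map[]`, so the new "x_pointer" and "x_keyboard" entries are only correct while the table order matches the #define order, and nothing visible here enforces that. A comment above the defines would make the coupling explicit, for example `/* Order must match the entries of map[] below */`. Since "x_device" is replaced by two new class names, the server presumably also needs a loaded policy that defines both. What happens with an older policy is not visible in this diff and is worth stating in the commit message.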


@ -96,7 +96,7 @@ ProcXQueryDeviceState(ClientPtr client)
rep.sequenceNumber = client->sequence;
rc = dixLookupDevice(&dev, stuff->deviceid, client, DixReadAccess);
if (rc != Success)
if (rc != Success && rc != BadAccess)
return rc;
v = dev->valuator;
@ -130,8 +130,9 @@ ProcXQueryDeviceState(ClientPtr client)
tk->length = sizeof(xKeyState);
tk->num_keys = k->xkbInfo->desc->max_key_code -
k->xkbInfo->desc->min_key_code + 1;
for (i = 0; i < 32; i++)
tk->keys[i] = k->down[i];
if (rc != BadAccess)
for (i = 0; i < 32; i++)
tk->keys[i] = k->down[i];
buf += sizeof(xKeyState);
}
@ -140,7 +141,8 @@ ProcXQueryDeviceState(ClientPtr client)
tb->class = ButtonClass;
tb->length = sizeof(xButtonState);
tb->num_buttons = b->numButtons;
memcpy(tb->buttons, b->down, sizeof(b->down));
if (rc != BadAccess)
memcpy(tb->buttons, b->down, sizeof(b->down));
buf += sizeof(xButtonState);
}
@ -152,7 +154,9 @@ ProcXQueryDeviceState(ClientPtr client)
tv->mode = v->mode;
buf += sizeof(xValuatorState);
for (i = 0, values = v->axisVal; i < v->numAxes; i++) {
*((int *)buf) = *values++;
if (rc != BadAccess)
*((int *)buf) = *values;
values++;
if (client->swapped) {
swapl((int *)buf, n); /* macro - braces needed */
}
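Review bot: In ProcXQueryDeviceState the new `if (rc != Success && rc != BadAccess)` lets a denied lookup fall through to `v = dev->valuator;`, which is only safe if dixLookupDevice still stores the device in `dev` when the access hook refuses. Its definition is not in this diff, and if it leaves `dev` NULL on denial, this is a crash on exactly the path the change introduces. A safer shape is the one ListDeviceClasses uses in this same commit: look the device up with DixGetAttrAccess, return on any failure, then call `XaceHook(XACE_DEVICE_ACCESS, client, dev, DixReadAccess)` separately to decide whether state is reported. The denied path also skips the writes to `tk->keys`, `tb->buttons` and the valuator slots, so those reply bytes keep whatever the buffer held. Unless the allocation (outside these hunks) zero-fills it, they should be cleared explicitly, as ProcQueryKeymap does with `memset`.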


@ -45,7 +45,8 @@
#include "xiquerydevice.h"
static Bool ShouldSkipDevice(ClientPtr client, int deviceid, DeviceIntPtr d);
static int ListDeviceInfo(DeviceIntPtr dev, xXIDeviceInfo* info);
static int
ListDeviceInfo(ClientPtr client, DeviceIntPtr dev, xXIDeviceInfo* info);
static int SizeDeviceInfo(DeviceIntPtr dev);
static void SwapDeviceInfo(DeviceIntPtr dev, xXIDeviceInfo* info);
int
@ -119,7 +120,7 @@ ProcXIQueryDevice(ClientPtr client)
ptr = info;
if (dev)
{
len = ListDeviceInfo(dev, (xXIDeviceInfo*)info);
len = ListDeviceInfo(client, dev, (xXIDeviceInfo*)info);
if (client->swapped)
SwapDeviceInfo(dev, (xXIDeviceInfo*)info);
info += len;
@ -131,7 +132,7 @@ ProcXIQueryDevice(ClientPtr client)
{
if (!skip[i])
{
len = ListDeviceInfo(dev, (xXIDeviceInfo*)info);
len = ListDeviceInfo(client, dev, (xXIDeviceInfo*)info);
if (client->swapped)
SwapDeviceInfo(dev, (xXIDeviceInfo*)info);
info += len;
@ -143,7 +144,7 @@ ProcXIQueryDevice(ClientPtr client)
{
if (!skip[i])
{
len = ListDeviceInfo(dev, (xXIDeviceInfo*)info);
len = ListDeviceInfo(client, dev, (xXIDeviceInfo*)info);
if (client->swapped)
SwapDeviceInfo(dev, (xXIDeviceInfo*)info);
info += len;
@ -240,7 +241,7 @@ SizeDeviceClasses(DeviceIntPtr dev)
* @return Number of bytes written into info.
*/
int
ListButtonInfo(DeviceIntPtr dev, xXIButtonInfo* info)
ListButtonInfo(DeviceIntPtr dev, xXIButtonInfo* info, Bool reportState)
{
unsigned char *bits;
int mask_len;
@ -257,9 +258,11 @@ ListButtonInfo(DeviceIntPtr dev, xXIButtonInfo* info)
bits = (unsigned char*)&info[1];
memset(bits, 0, mask_len * 4);
for (i = 0; dev && dev->button && i < dev->button->numButtons; i++)
if (BitIsOn(dev->button->down, i))
SetBit(bits, i);
if (reportState)
for (i = 0; dev && dev->button && i < dev->button->numButtons; i++)
if (BitIsOn(dev->button->down, i))
SetBit(bits, i);
bits += mask_len * 4;
memcpy(bits, dev->button->labels, dev->button->numButtons * sizeof(Atom));
@ -327,7 +330,8 @@ SwapKeyInfo(DeviceIntPtr dev, xXIKeyInfo* info)
* @return The number of bytes written into info.
*/
int
ListValuatorInfo(DeviceIntPtr dev, xXIValuatorInfo* info, int axisnumber)
ListValuatorInfo(DeviceIntPtr dev, xXIValuatorInfo* info, int axisnumber,
Bool reportState)
{
ValuatorClassPtr v = dev->valuator;
@ -345,6 +349,9 @@ ListValuatorInfo(DeviceIntPtr dev, xXIValuatorInfo* info, int axisnumber)
info->mode = v->mode; /* Server doesn't have per-axis mode yet */
info->sourceid = v->sourceid;
if (!reportState)
info->value = info->min;
return info->length * 4;
}
@ -389,7 +396,7 @@ int GetDeviceUse(DeviceIntPtr dev, uint16_t *attachment)
* @return The number of bytes used.
*/
static int
ListDeviceInfo(DeviceIntPtr dev, xXIDeviceInfo* info)
ListDeviceInfo(ClientPtr client, DeviceIntPtr dev, xXIDeviceInfo* info)
{
char *any = (char*)&info[1];
int len = 0, total_len = 0;
@ -407,7 +414,8 @@ ListDeviceInfo(DeviceIntPtr dev, xXIDeviceInfo* info)
any += len;
total_len += len;
return total_len + ListDeviceClasses(dev, any, &info->num_classes);
total_len += ListDeviceClasses(client, dev, any, &info->num_classes);
return total_len;
}
/**
@ -416,16 +424,21 @@ ListDeviceInfo(DeviceIntPtr dev, xXIDeviceInfo* info)
* written.
*/
int
ListDeviceClasses(DeviceIntPtr dev, char *any, uint16_t *nclasses)
ListDeviceClasses(ClientPtr client, DeviceIntPtr dev,
char *any, uint16_t *nclasses)
{
int total_len = 0;
int len;
int i;
int rc;
/* Check if the current device state should be suppressed */
rc = XaceHook(XACE_DEVICE_ACCESS, client, dev, DixReadAccess);
if (dev->button)
{
(*nclasses)++;
len = ListButtonInfo(dev, (xXIButtonInfo*)any);
len = ListButtonInfo(dev, (xXIButtonInfo*)any, rc == Success);
any += len;
total_len += len;
}
@ -441,7 +454,7 @@ ListDeviceClasses(DeviceIntPtr dev, char *any, uint16_t *nclasses)
for (i = 0; dev->valuator && i < dev->valuator->numAxes; i++)
{
(*nclasses)++;
len = ListValuatorInfo(dev, (xXIValuatorInfo*)any, i);
len = ListValuatorInfo(dev, (xXIValuatorInfo*)any, i, rc == Success);
any += len;
total_len += len;
}
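Review bot: The doc comments above ListButtonInfo and ListValuatorInfo still describe only the return value, so the new `reportState` argument is undocumented. Each comment should say that FALSE suppresses live device state: the button mask is left zeroed, and the valuator `value` is replaced by `min`. In ListDeviceClasses the existing comment could add that any hook result other than Success suppresses state, since `rc == Success` is the only test made. In ListButtonInfo the `if (reportState)` / `for` / `if` nest is written without braces, and bracing the outer `if` would keep a later edit from detaching the loop from the guard.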


@ -37,9 +37,11 @@ int SProcXIQueryDevice(ClientPtr client);
int ProcXIQueryDevice(ClientPtr client);
void SRepXIQueryDevice(ClientPtr client, int size, xXIQueryDeviceReply *rep);
int SizeDeviceClasses(DeviceIntPtr dev);
int ListDeviceClasses(DeviceIntPtr dev, char* any, uint16_t* nclasses);
int ListDeviceClasses(ClientPtr client, DeviceIntPtr dev,
char* any, uint16_t* nclasses);
int GetDeviceUse(DeviceIntPtr dev, uint16_t *attachment);
int ListButtonInfo(DeviceIntPtr dev, xXIButtonInfo* info);
int ListButtonInfo(DeviceIntPtr dev, xXIButtonInfo* info, Bool reportState);
int ListKeyInfo(DeviceIntPtr dev, xXIKeyInfo* info);
int ListValuatorInfo(DeviceIntPtr dev, xXIValuatorInfo* info, int axisnumber);
int ListValuatorInfo(DeviceIntPtr dev, xXIValuatorInfo* info,
int axisnumber, Bool reportState);
#endif /* QUERYDEV_H */


@ -2221,12 +2221,15 @@ ProcQueryKeymap(ClientPtr client)
rep.length = 2;
rc = XaceHook(XACE_DEVICE_ACCESS, client, keybd, DixReadAccess);
if (rc != Success)
if (rc != Success && rc != BadAccess)
return rc;
for (i = 0; i<32; i++)
rep.map[i] = down[i];
if (rc == BadAccess)
memset(rep.map, 0, 32);
WriteReplyToClient(client, sizeof(xQueryKeymapReply), &rep);
return Success;
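Review bot: In ProcQueryKeymap the key map is copied into `rep.map` and then wiped when `rc == BadAccess`, so the denied path briefly holds the real state and depends on the later `memset` staying in place. Making the two cases exclusive reads more safely: `if (rc == BadAccess) memset(rep.map, 0, sizeof(rep.map)); else for (i = 0; i<32; i++) rep.map[i] = down[i];`. Using `sizeof(rep.map)` also removes the second copy of the literal 32. The function body starts outside the hunk.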


@ -2498,15 +2498,15 @@ DeliverDeviceEvents(WindowPtr pWin, InternalEvent *event, GrabPtr grab,
if (mask & XI_MASK)
{
rc = EventToXI(event, &xE, &count);
if (rc == Success &&
XaceHook(XACE_SEND_ACCESS, NULL, dev, pWin, xE, count) == Success)
{
filter = GetEventFilter(dev, xE);
FixUpEventFromWindow(dev, xE, pWin, child, FALSE);
deliveries = DeliverEventsToWindow(dev, pWin, xE, count,
filter, grab);
if (deliveries > 0)
goto unwind;
if (rc == Success) {
if (XaceHook(XACE_SEND_ACCESS, NULL, dev, pWin, xE, count) == Success) {
filter = GetEventFilter(dev, xE);
FixUpEventFromWindow(dev, xE, pWin, child, FALSE);
deliveries = DeliverEventsToWindow(dev, pWin, xE, count,
filter, grab);
if (deliveries > 0)
goto unwind;
}
} else if (rc != BadMatch)
ErrorF("[dix] %s: XI conversion failed in DDE (%d, %d). Skipping delivery.\n",
dev->name, event->any.type, rc);
@ -2516,15 +2516,15 @@ DeliverDeviceEvents(WindowPtr pWin, InternalEvent *event, GrabPtr grab,
if ((mask & CORE_MASK) && IsMaster(dev) && dev->coreEvents)
{
rc = EventToCore(event, &core);
if (rc == Success &&
XaceHook(XACE_SEND_ACCESS, NULL, dev, pWin, &core, 1) == Success)
{
filter = GetEventFilter(dev, &core);
FixUpEventFromWindow(dev, &core, pWin, child, FALSE);
deliveries = DeliverEventsToWindow(dev, pWin, &core, 1,
filter, grab);
if (deliveries > 0)
goto unwind;
if (rc == Success) {
if (XaceHook(XACE_SEND_ACCESS, NULL, dev, pWin, &core, 1) == Success) {
filter = GetEventFilter(dev, &core);
FixUpEventFromWindow(dev, &core, pWin, child, FALSE);
deliveries = DeliverEventsToWindow(dev, pWin, &core, 1,
filter, grab);
if (deliveries > 0)
goto unwind;
}
} else if (rc != BadMatch)
ErrorF("[dix] %s: Core conversion failed in DDE (%d, %d).\n",
dev->name, event->any.type, rc);
@ -3804,13 +3804,13 @@ DeliverFocusedEvent(DeviceIntPtr keybd, InternalEvent *event, WindowPtr window)
if (sendCore)
{
rc = EventToCore(event, &core);
if (rc == Success &&
XaceHook(XACE_SEND_ACCESS, NULL, keybd, focus, &core, 1) == Success)
{
FixUpEventFromWindow(keybd, &core, focus, None, FALSE);
deliveries = DeliverEventsToWindow(keybd, focus, &core, 1,
GetEventFilter(keybd, &core),
NullGrab);
if (rc == Success) {
if (XaceHook(XACE_SEND_ACCESS, NULL, keybd, focus, &core, 1) == Success) {
FixUpEventFromWindow(keybd, &core, focus, None, FALSE);
deliveries = DeliverEventsToWindow(keybd, focus, &core, 1,
GetEventFilter(keybd, &core),
NullGrab);
}
} else if (rc != BadMatch)
ErrorF("[dix] %s: core conversion failed DFE (%d, %d). Skipping delivery.\n",
keybd->name, event->any.type, rc);
@ -4974,7 +4974,7 @@ ProcQueryPointer(ClientPtr client)
if (rc != Success)
return rc;
rc = XaceHook(XACE_DEVICE_ACCESS, client, mouse, DixReadAccess);
if (rc != Success)
if (rc != Success && rc != BadAccess)
return rc;
keyboard = GetPairedDevice(mouse);
@ -5022,6 +5022,15 @@ ProcQueryPointer(ClientPtr client)
}
#endif
if (rc == BadAccess) {
rep.mask = 0;
rep.child = None;
rep.rootX = 0;
rep.rootY = 0;
rep.winX = 0;
rep.winY = 0;
}
WriteReplyToClient(client, sizeof(xQueryPointerReply), &rep);
return(Success);
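Review bot: The `if (rc == BadAccess)` block added to ProcQueryPointer clears `mask`, `child` and the four coordinates, but not the other reply fields filled in earlier in the function, outside this hunk. If `rep.sameScreen` and `rep.root` are derived from the pointer's current screen, a denied client can still learn which screen the pointer is on. Either reset them in the same block, for example `rep.sameScreen = xFalse;`, or add a comment there saying they are deliberately left. The DeliverDeviceEvents and DeliverFocusedEvent hunks only re-nest the XACE check, so a denied send no longer reaches the conversion-failure log. I have nothing to raise on them.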


@ -587,8 +587,8 @@ typedef struct {
extern int XItoCoreType(int xi_type);
extern Bool DevHasCursor(DeviceIntPtr pDev);
extern Bool IsPointerDevice( DeviceIntPtr dev);
extern Bool IsKeyboardDevice(DeviceIntPtr dev);
extern Bool _X_EXPORT IsPointerDevice( DeviceIntPtr dev);
extern Bool _X_EXPORT IsKeyboardDevice(DeviceIntPtr dev);
extern Bool IsPointerEvent(InternalEvent *event);
extern Bool IsMaster(DeviceIntPtr dev);


@ -554,7 +554,7 @@ ProcXkbGetState(ClientPtr client)
if (!(client->xkbClientFlags&_XkbClientInitialized))
return BadAccess;
CHK_KBD_DEVICE(dev, stuff->deviceSpec, client, DixReadAccess);
CHK_KBD_DEVICE(dev, stuff->deviceSpec, client, DixGetAttrAccess);
xkb= &dev->key->xkbInfo->state;
bzero(&rep,sizeof(xkbGetStateReply));
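Review bot: ProcXkbGetState now asks CHK_KBD_DEVICE for DixGetAttrAccess instead of DixReadAccess, so a client that policy denies keyboard read can still obtain whatever this reply carries from `dev->key->xkbInfo->state`. The other handlers in this commit keep the read check and blank the state on denial. If the reply includes live modifier or button state, the downgrade exposes it to clients that ProcQueryKeymap would answer with zeros. A comment at the call should record why getattr is considered sufficient here, or the handler should follow the same suppress-on-denial pattern. The function body continues outside the hunk.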