fdo-mirrors/xserver
1
0
Fork 0
mirror of https://gitlab.freedesktop.org/xorg/xserver.git synced 2026-02-15 18:30:34 +01:00
Code Issues Projects Releases Packages Wiki Activity Actions

XACE: Add generic support for property polyinstantiation.

Browse source
This commit is contained in:
Eamon Walsh 2008-02-07 17:01:01 -05:00 committed by Eamon Walsh
parent 67fd0cc248
commit 9e0eb0615c
6 changed files with 14 additions and 21 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

2
Xext/security.c
View file

@ -887,7 +887,7 @@ SecurityProperty(CallbackListPtr *pcbl, pointer unused, pointer calldata)
{
XacePropertyAccessRec *rec = calldata;
SecurityStateRec *subj, *obj;
ATOM name = rec->pProp->propertyName;
ATOM name = (*rec->ppProp)->propertyName;
Mask requested = rec->access_mode;
Mask allowed = SecurityAllowedMask | DixReadAccess;

4
Xext/xace.c
View file

@ -56,9 +56,9 @@ int XaceHookDispatch(ClientPtr client, int major)
}
int XaceHookPropertyAccess(ClientPtr client, WindowPtr pWin,
PropertyPtr pProp, Mask access_mode)
PropertyPtr *ppProp, Mask access_mode)
{
XacePropertyAccessRec rec = { client, pWin, pProp, access_mode, Success };
XacePropertyAccessRec rec = { client, pWin, ppProp, access_mode, Success };
CallCallbacks(&XaceHooks[XACE_PROPERTY_ACCESS], &rec);
return rec.status;
}

2
Xext/xace.h
View file

@ -68,7 +68,7 @@ extern int XaceHook(
*/
extern int XaceHookDispatch(ClientPtr ptr, int major);
extern int XaceHookPropertyAccess(ClientPtr ptr, WindowPtr pWin,
PropertyPtr pProp, Mask access_mode);
PropertyPtr *ppProp, Mask access_mode);
extern void XaceHookAuditEnd(ClientPtr ptr, int result);
/* Register a callback for a given hook.

2
Xext/xacestr.h
View file

@ -59,7 +59,7 @@ typedef struct {
typedef struct {
ClientPtr client;
WindowPtr pWin;
PropertyPtr pProp;
PropertyPtr *ppProp;
Mask access_mode;
int status;
} XacePropertyAccessRec;

19
Xext/xselinux.c
View file

@ -678,14 +678,15 @@ SELinuxProperty(CallbackListPtr *pcbl, pointer unused, pointer calldata)
SELinuxSubjectRec *subj;
SELinuxObjectRec *obj;
SELinuxAuditRec auditdata = { .client = rec->client };
PropertyPtr pProp = *rec->ppProp;
int rc;
subj = dixLookupPrivate(&rec->client->devPrivates, subjectKey);
obj = dixLookupPrivate(&rec->pProp->devPrivates, objectKey);
obj = dixLookupPrivate(&pProp->devPrivates, objectKey);
/* If this is a new object that needs labeling, do it now */
if (rec->access_mode & DixCreateAccess) {
const char *name = NameForAtom(rec->pProp->propertyName);
const char *name = NameForAtom(pProp->propertyName);
security_context_t con;
security_id_t sid;
@ -716,7 +717,7 @@ SELinuxProperty(CallbackListPtr *pcbl, pointer unused, pointer calldata)
}
/* Perform the security check */
auditdata.property = rec->pProp->propertyName;
auditdata.property = pProp->propertyName;
rc = SELinuxDoCheck(subj, obj, SECCLASS_X_PROPERTY, rec->access_mode,
&auditdata);
if (rc != Success)
@ -1226,16 +1227,8 @@ ProcSELinuxGetPropertyContext(ClientPtr client)
if (rc != Success)
return rc;
pProp = wUserProps(pWin);
while (pProp) {
if (pProp->propertyName == stuff->property)
break;
pProp = pProp->next;
}
if (!pProp)
return BadValue;
rc = XaceHookPropertyAccess(client, pWin, pProp, DixGetAttrAccess);
rc = dixLookupProperty(&pProp, pWin, stuff->property, client,
DixGetAttrAccess);
if (rc != Success)
return rc;

6
dix/property.c
View file

@ -103,7 +103,7 @@ dixLookupProperty(PropertyPtr *result, WindowPtr pWin, Atom propertyName,
break;
if (pProp)
rc = XaceHookPropertyAccess(client, pWin, pProp, access_mode);
rc = XaceHookPropertyAccess(client, pWin, &pProp, access_mode);
*result = pProp;
return rc;
}
@ -284,7 +284,7 @@ dixChangeWindowProperty(ClientPtr pClient, WindowPtr pWin, Atom property,
memmove((char *)data, (char *)value, totalSize);
pProp->size = len;
pProp->devPrivates = NULL;
rc = XaceHookPropertyAccess(pClient, pWin, pProp,
rc = XaceHookPropertyAccess(pClient, pWin, &pProp,
DixCreateAccess|DixWriteAccess);
if (rc != Success) {
xfree(data);
@ -588,7 +588,7 @@ ProcListProperties(ClientPtr client)
temppAtoms = pAtoms;
for (pProp = wUserProps(pWin); pProp; pProp = pProp->next) {
realProp = pProp;
rc = XaceHookPropertyAccess(client, pWin, pProp, DixGetAttrAccess);
rc = XaceHookPropertyAccess(client, pWin, &realProp, DixGetAttrAccess);
if (rc == Success && realProp == pProp) {
*temppAtoms++ = pProp->propertyName;
numProps++;