From c1a861eedf2e3b0d11896adaab72b013a885af5a Mon Sep 17 00:00:00 2001
From: Eamon Walsh <ewalsh@tycho.nsa.gov>
Date: Tue, 15 Sep 2009 19:41:04 -0400
Subject: [PATCH] xselinux: Stop special-casing QueryPointer access checks.

XACE has been changed to not return BadAccess on device read failures.
Thus, no need for this workaround code.

[Backport to 1.7]

Signed-off-by: Eamon Walsh <ewalsh@tycho.nsa.gov>
(cherry-picked from commit 0ff28319906eeb3f236acd72201c416ce01f2c6e)
---
 Xext/xselinux.c | 11 -----------
 1 file changed, 11 deletions(-)

diff --git a/Xext/xselinux.c b/Xext/xselinux.c
index b9b16b6ce..7bf96fdc7 100644
--- a/Xext/xselinux.c
+++ b/Xext/xselinux.c
@@ -686,17 +686,6 @@ SELinuxDevice(CallbackListPtr *pcbl, pointer unused, pointer calldata)
 	}
     }
 
-    /* XXX only check read permission on XQueryKeymap */
-    /* This is to allow the numerous apps that call XQueryPointer to work */
-    if (rec->access_mode & DixReadAccess) {
-	ClientPtr client = rec->client;
-	REQUEST(xReq);
-	if (stuff && stuff->reqType != X_QueryKeymap) {
-	    rec->access_mode &= ~DixReadAccess;
-	    rec->access_mode |= DixGetAttrAccess;
-	}
-    }
-
     rc = SELinuxDoCheck(subj, obj, SECCLASS_X_DEVICE, rec->access_mode,
 			&auditdata);
     if (rc != Success)