From dd0dcbe99d695b3199a7ccf771bc741f4bf0853e Mon Sep 17 00:00:00 2001
From: "Enrico Weigelt, metux IT consult" <info@metux.net>
Date: Fri, 17 May 2024 15:17:27 +0200
Subject: [PATCH] xace: typesafe hook function for XACE_SERVER_ACCESS

he generic XaceHook() call isn't typesafe (und unnecessarily slow).
Better add an explicit function, just like we already have for others.

Signed-off-by: Enrico Weigelt, metux IT consult <info@metux.net>
Part-of: <https://gitlab.freedesktop.org/xorg/xserver/-/merge_requests/1556>
(cherry picked from commit 47d6c3ad750f7dd645de0c7e11b5575a7b8a1e67)
---
 Xext/xace.c     | 15 +++++++--------
 Xext/xace.h     |  1 +
 dix/dispatch.c  |  2 +-
 dix/dixfonts.c  |  8 ++++----
 os/access.c     |  2 +-
 os/connection.c |  2 +-
 xkb/xkb.c       |  2 +-
 7 files changed, 16 insertions(+), 16 deletions(-)

diff --git a/Xext/xace.c b/Xext/xace.c
index 4755ac7e4..bfd428d32 100644
--- a/Xext/xace.c
+++ b/Xext/xace.c
@@ -109,13 +109,19 @@ int XaceHookExtAccess(ClientPtr client, ExtensionEntry *ext)
     return rec.status;
 }
 
+int XaceHookServerAccess(ClientPtr client, Mask access_mode)
+{
+    XaceServerAccessRec rec = { client, access_mode, Success };
+    CallCallbacks(&XaceHooks[XACE_SERVER_ACCESS], &rec);
+    return rec.status;
+}
+
 /* Entry point for hook functions.  Called by Xserver.
  */
 int
 XaceHook(int hook, ...)
 {
     union {
-        XaceServerAccessRec server;
         XaceScreenAccessRec screen;
         XaceAuthAvailRec auth;
         XaceKeyAvailRec key;
@@ -134,13 +140,6 @@ XaceHook(int hook, ...)
      * sets calldata directly to a single argument (with no return result)
      */
     switch (hook) {
-    case XACE_SERVER_ACCESS:
-        u.server.client = va_arg(ap, ClientPtr);
-        u.server.access_mode = va_arg(ap, Mask);
-
-        u.server.status = Success;      /* default allow */
-        prv = &u.server.status;
-        break;
     case XACE_SCREEN_ACCESS:
     case XACE_SCREENSAVER_ACCESS:
         u.screen.client = va_arg(ap, ClientPtr);
diff --git a/Xext/xace.h b/Xext/xace.h
index 3819610ae..8cabb8e98 100644
--- a/Xext/xace.h
+++ b/Xext/xace.h
@@ -92,6 +92,7 @@ int XaceHookSendAccess(ClientPtr client, DeviceIntPtr dev, WindowPtr win,
 int XaceHookReceiveAccess(ClientPtr client, WindowPtr win, xEventPtr ev, int count);
 int XaceHookClientAccess(ClientPtr client, ClientPtr target, Mask access_mode);
 int XaceHookExtAccess(ClientPtr client, ExtensionEntry *ext);
+int XaceHookServerAccess(ClientPtr client, Mask access_mode);
 
 
 /* Register a callback for a given hook.
diff --git a/dix/dispatch.c b/dix/dispatch.c
index a40036f0a..3a39579ca 100644
--- a/dix/dispatch.c
+++ b/dix/dispatch.c
@@ -3275,7 +3275,7 @@ ProcListHosts(ClientPtr client)
     REQUEST_SIZE_MATCH(xListHostsReq);
 
     /* untrusted clients can't list hosts */
-    result = XaceHook(XACE_SERVER_ACCESS, client, DixReadAccess);
+    result = XaceHookServerAccess(client, DixReadAccess);
     if (result != Success)
         return result;
 
diff --git a/dix/dixfonts.c b/dix/dixfonts.c
index 95eea1d47..11a81b621 100644
--- a/dix/dixfonts.c
+++ b/dix/dixfonts.c
@@ -805,7 +805,7 @@ ListFonts(ClientPtr client, unsigned char *pattern, unsigned length,
     if (length > XLFDMAXFONTNAMELEN)
         return BadAlloc;
 
-    i = XaceHook(XACE_SERVER_ACCESS, client, DixGetAttrAccess);
+    i = XaceHookServerAccess(client, DixGetAttrAccess);
     if (i != Success)
         return i;
 
@@ -1051,7 +1051,7 @@ StartListFontsWithInfo(ClientPtr client, int length, unsigned char *pattern,
     if (length > XLFDMAXFONTNAMELEN)
         return BadAlloc;
 
-    i = XaceHook(XACE_SERVER_ACCESS, client, DixGetAttrAccess);
+    i = XaceHookServerAccess(client, DixGetAttrAccess);
     if (i != Success)
         return i;
 
@@ -1674,7 +1674,7 @@ SetFontPathElements(int npaths, unsigned char *paths, int *bad, Bool persist)
 int
 SetFontPath(ClientPtr client, int npaths, unsigned char *paths)
 {
-    int err = XaceHook(XACE_SERVER_ACCESS, client, DixManageAccess);
+    int err = XaceHookServerAccess(client, DixManageAccess);
 
     if (err != Success)
         return err;
@@ -1762,7 +1762,7 @@ GetFontPath(ClientPtr client, int *count, int *length, unsigned char **result)
     int len;
     FontPathElementPtr fpe;
 
-    i = XaceHook(XACE_SERVER_ACCESS, client, DixGetAttrAccess);
+    i = XaceHookServerAccess(client, DixGetAttrAccess);
     if (i != Success)
         return i;
 
diff --git a/os/access.c b/os/access.c
index b7e65b579..35e6ae7eb 100644
--- a/os/access.c
+++ b/os/access.c
@@ -1292,7 +1292,7 @@ AuthorizedClient(ClientPtr client)
         return Success;
 
     /* untrusted clients can't change host access */
-    rc = XaceHook(XACE_SERVER_ACCESS, client, DixManageAccess);
+    rc = XaceHookServerAccess(client, DixManageAccess);
     if (rc != Success)
         return rc;
 
diff --git a/os/connection.c b/os/connection.c
index 1db603418..67a49f852 100644
--- a/os/connection.c
+++ b/os/connection.c
@@ -862,7 +862,7 @@ OnlyListenToOneClient(ClientPtr client)
 {
     int rc;
 
-    rc = XaceHook(XACE_SERVER_ACCESS, client, DixGrabAccess);
+    rc = XaceHookServerAccess(client, DixGrabAccess);
     if (rc != Success)
         return rc;
 
diff --git a/xkb/xkb.c b/xkb/xkb.c
index bee287868..635595f6b 100644
--- a/xkb/xkb.c
+++ b/xkb/xkb.c
@@ -6956,7 +6956,7 @@ ProcXkbSetDebuggingFlags(ClientPtr client)
     REQUEST(xkbSetDebuggingFlagsReq);
     REQUEST_AT_LEAST_SIZE(xkbSetDebuggingFlagsReq);
 
-    rc = XaceHook(XACE_SERVER_ACCESS, client, DixDebugAccess);
+    rc = XaceHookServerAccess(client, DixDebugAccess);
     if (rc != Success)
         return rc;