xace: add new fields to resource access hook to allow parent resource objects
to be passed in at create time. Also added a missing devPrivates initializer.
This commit is contained in:
parent
ce9e83d913
commit
0003ccfcdf
|
@ -72,8 +72,10 @@ int XaceHook(int hook, ...)
|
|||
va_arg(ap, ClientPtr),
|
||||
va_arg(ap, XID),
|
||||
va_arg(ap, RESTYPE),
|
||||
va_arg(ap, Mask),
|
||||
va_arg(ap, pointer),
|
||||
va_arg(ap, RESTYPE),
|
||||
va_arg(ap, pointer),
|
||||
va_arg(ap, Mask),
|
||||
Success /* default allow */
|
||||
};
|
||||
calldata = &rec;
|
||||
|
|
|
@ -41,8 +41,10 @@ typedef struct {
|
|||
ClientPtr client;
|
||||
XID id;
|
||||
RESTYPE rtype;
|
||||
Mask access_mode;
|
||||
pointer res;
|
||||
RESTYPE ptype;
|
||||
pointer parent;
|
||||
Mask access_mode;
|
||||
int status;
|
||||
} XaceResourceAccessRec;
|
||||
|
||||
|
|
|
@ -459,7 +459,7 @@ ProcCompositeGetOverlayWindow (ClientPtr client)
|
|||
}
|
||||
|
||||
rc = XaceHook(XACE_RESOURCE_ACCESS, client, cs->pOverlayWin->drawable.id,
|
||||
RT_WINDOW, DixGetAttrAccess, cs->pOverlayWin);
|
||||
RT_WINDOW, cs->pOverlayWin, RT_NONE, NULL, DixGetAttrAccess);
|
||||
if (rc != Success)
|
||||
return rc;
|
||||
|
||||
|
|
|
@ -397,7 +397,7 @@ CreateColormap (Colormap mid, ScreenPtr pScreen, VisualPtr pVisual,
|
|||
* Security creation/labeling check
|
||||
*/
|
||||
i = XaceHook(XACE_RESOURCE_ACCESS, clients[client], mid, RT_COLORMAP,
|
||||
DixCreateAccess, pmap);
|
||||
pmap, RT_NONE, NULL, DixCreateAccess);
|
||||
if (i != Success) {
|
||||
FreeResource(mid, RT_NONE);
|
||||
return i;
|
||||
|
|
|
@ -212,12 +212,12 @@ AllocARGBCursor(unsigned char *psrcbits, unsigned char *pmaskbits,
|
|||
pCurs->backGreen = backGreen;
|
||||
pCurs->backBlue = backBlue;
|
||||
|
||||
pCurs->devPrivates = NULL;
|
||||
pCurs->id = cid;
|
||||
pCurs->devPrivates = NULL;
|
||||
|
||||
/* security creation/labeling check */
|
||||
rc = XaceHook(XACE_RESOURCE_ACCESS, client, cid, RT_CURSOR,
|
||||
DixCreateAccess, pCurs);
|
||||
pCurs, RT_NONE, NULL, DixCreateAccess);
|
||||
if (rc != Success) {
|
||||
dixFreePrivates(pCurs->devPrivates);
|
||||
FreeCursorBits(bits);
|
||||
|
@ -365,6 +365,7 @@ AllocGlyphCursor(Font source, unsigned sourceChar, Font mask, unsigned maskChar,
|
|||
bits->height = cm.height;
|
||||
bits->xhot = cm.xhot;
|
||||
bits->yhot = cm.yhot;
|
||||
bits->devPrivates = NULL;
|
||||
if (sourcefont != maskfont)
|
||||
bits->refcnt = -1;
|
||||
else
|
||||
|
@ -406,7 +407,7 @@ AllocGlyphCursor(Font source, unsigned sourceChar, Font mask, unsigned maskChar,
|
|||
|
||||
/* security creation/labeling check */
|
||||
rc = XaceHook(XACE_RESOURCE_ACCESS, client, cid, RT_CURSOR,
|
||||
DixCreateAccess, pCurs);
|
||||
pCurs, RT_NONE, NULL, DixCreateAccess);
|
||||
if (rc != Success) {
|
||||
dixFreePrivates(pCurs->devPrivates);
|
||||
FreeCursorBits(bits);
|
||||
|
|
|
@ -1558,7 +1558,7 @@ CreatePmap:
|
|||
pMap->drawable.id = stuff->pid;
|
||||
/* security creation/labeling check */
|
||||
rc = XaceHook(XACE_RESOURCE_ACCESS, client, stuff->pid, RT_PIXMAP,
|
||||
DixCreateAccess, pMap);
|
||||
pMap, RT_NONE, NULL, DixCreateAccess);
|
||||
if (rc != Success) {
|
||||
(*pDraw->pScreen->DestroyPixmap)(pMap);
|
||||
return rc;
|
||||
|
|
4
dix/gc.c
4
dix/gc.c
|
@ -638,8 +638,8 @@ CreateGC(DrawablePtr pDrawable, BITS32 mask, XID *pval, int *pStatus,
|
|||
pGC->stipple->refcnt++;
|
||||
|
||||
/* security creation/labeling check */
|
||||
*pStatus = XaceHook(XACE_RESOURCE_ACCESS, client, gcid, RT_GC,
|
||||
DixCreateAccess|DixSetAttrAccess, pGC);
|
||||
*pStatus = XaceHook(XACE_RESOURCE_ACCESS, client, gcid, RT_GC, pGC,
|
||||
RT_NONE, NULL, DixCreateAccess|DixSetAttrAccess);
|
||||
if (*pStatus != Success)
|
||||
goto out;
|
||||
|
||||
|
|
|
@ -901,7 +901,7 @@ dixLookupResource(pointer *result, XID id, RESTYPE rtype,
|
|||
if (client) {
|
||||
client->errorValue = id;
|
||||
cid = XaceHook(XACE_RESOURCE_ACCESS, client, id, res->type,
|
||||
mode, res->value);
|
||||
res->value, RT_NONE, NULL, mode);
|
||||
if (cid != Success)
|
||||
return cid;
|
||||
}
|
||||
|
|
10
dix/window.c
10
dix/window.c
|
@ -698,8 +698,8 @@ CreateWindow(Window wid, WindowPtr pParent, int x, int y, unsigned w,
|
|||
|
||||
/* security creation/labeling check
|
||||
*/
|
||||
*error = XaceHook(XACE_RESOURCE_ACCESS, client, wid, RT_WINDOW,
|
||||
DixCreateAccess|DixSetAttrAccess, pWin);
|
||||
*error = XaceHook(XACE_RESOURCE_ACCESS, client, wid, RT_WINDOW, pWin,
|
||||
RT_WINDOW, pWin->parent, DixCreateAccess|DixSetAttrAccess);
|
||||
if (*error != Success) {
|
||||
xfree(pWin);
|
||||
return NullWindow;
|
||||
|
@ -955,7 +955,7 @@ DestroySubwindows(WindowPtr pWin, ClientPtr client)
|
|||
while (pWin->lastChild) {
|
||||
int rc = XaceHook(XACE_RESOURCE_ACCESS, client,
|
||||
pWin->lastChild->drawable.id, RT_WINDOW,
|
||||
DixDestroyAccess, pWin->lastChild);
|
||||
pWin->lastChild, RT_NONE, NULL, DixDestroyAccess);
|
||||
if (rc != Success)
|
||||
return rc;
|
||||
FreeResource(pWin->lastChild->drawable.id, RT_NONE);
|
||||
|
@ -1275,7 +1275,7 @@ ChangeWindowAttributes(WindowPtr pWin, Mask vmask, XID *vlist, ClientPtr client)
|
|||
}
|
||||
if (val == xTrue) {
|
||||
rc = XaceHook(XACE_RESOURCE_ACCESS, client, pWin->drawable.id,
|
||||
RT_WINDOW, DixGrabAccess, pWin);
|
||||
RT_WINDOW, pWin, RT_NONE, NULL, DixGrabAccess);
|
||||
if (rc != Success) {
|
||||
error = rc;
|
||||
client->errorValue = pWin->drawable.id;
|
||||
|
@ -2745,7 +2745,7 @@ MapWindow(WindowPtr pWin, ClientPtr client)
|
|||
|
||||
/* general check for permission to map window */
|
||||
if (XaceHook(XACE_RESOURCE_ACCESS, client, pWin->drawable.id, RT_WINDOW,
|
||||
DixShowAccess, pWin) != Success)
|
||||
pWin, RT_NONE, NULL, DixShowAccess) != Success)
|
||||
return Success;
|
||||
|
||||
pScreen = pWin->drawable.pScreen;
|
||||
|
|
|
@ -377,12 +377,12 @@ AnimCursorCreate (CursorPtr *cursors, CARD32 *deltas, int ncursor, CursorPtr *pp
|
|||
pCursor->backGreen = cursors[0]->backGreen;
|
||||
pCursor->backBlue = cursors[0]->backBlue;
|
||||
|
||||
pCursor->devPrivates = NULL;
|
||||
pCursor->id = cid;
|
||||
pCursor->devPrivates = NULL;
|
||||
|
||||
/* security creation/labeling check */
|
||||
rc = XaceHook(XACE_RESOURCE_ACCESS, client, cid, RT_CURSOR,
|
||||
DixCreateAccess, pCursor);
|
||||
rc = XaceHook(XACE_RESOURCE_ACCESS, client, cid, RT_CURSOR, pCursor,
|
||||
RT_NONE, NULL, DixCreateAccess);
|
||||
if (rc != Success) {
|
||||
dixFreePrivates(pCursor->devPrivates);
|
||||
xfree(pCursor);
|
||||
|
|
|
@ -727,8 +727,8 @@ CreatePicture (Picture pid,
|
|||
pPicture->devPrivates = NULL;
|
||||
|
||||
/* security creation/labeling check */
|
||||
*error = XaceHook(XACE_RESOURCE_ACCESS, client, pid, PictureType,
|
||||
DixCreateAccess|DixSetAttrAccess, pPicture);
|
||||
*error = XaceHook(XACE_RESOURCE_ACCESS, client, pid, PictureType, pPicture,
|
||||
RC_DRAWABLE, pDrawable, DixCreateAccess|DixSetAttrAccess);
|
||||
if (*error != Success)
|
||||
goto out;
|
||||
|
||||
|
|
|
@ -1025,7 +1025,7 @@ ProcRenderCreateGlyphSet (ClientPtr client)
|
|||
return BadAlloc;
|
||||
/* security creation/labeling check */
|
||||
rc = XaceHook(XACE_RESOURCE_ACCESS, client, stuff->gsid, GlyphSetType,
|
||||
DixCreateAccess, glyphSet);
|
||||
glyphSet, RT_NONE, NULL, DixCreateAccess);
|
||||
if (rc != Success)
|
||||
return rc;
|
||||
if (!AddResource (stuff->gsid, GlyphSetType, (pointer)glyphSet))
|
||||
|
@ -1903,7 +1903,7 @@ static int ProcRenderCreateSolidFill(ClientPtr client)
|
|||
return error;
|
||||
/* security creation/labeling check */
|
||||
error = XaceHook(XACE_RESOURCE_ACCESS, client, stuff->pid, PictureType,
|
||||
DixCreateAccess, pPicture);
|
||||
pPicture, RT_NONE, NULL, DixCreateAccess);
|
||||
if (error != Success)
|
||||
return error;
|
||||
if (!AddResource (stuff->pid, PictureType, (pointer)pPicture))
|
||||
|
@ -1937,7 +1937,7 @@ static int ProcRenderCreateLinearGradient (ClientPtr client)
|
|||
return error;
|
||||
/* security creation/labeling check */
|
||||
error = XaceHook(XACE_RESOURCE_ACCESS, client, stuff->pid, PictureType,
|
||||
DixCreateAccess, pPicture);
|
||||
pPicture, RT_NONE, NULL, DixCreateAccess);
|
||||
if (error != Success)
|
||||
return error;
|
||||
if (!AddResource (stuff->pid, PictureType, (pointer)pPicture))
|
||||
|
@ -1972,7 +1972,7 @@ static int ProcRenderCreateRadialGradient (ClientPtr client)
|
|||
return error;
|
||||
/* security creation/labeling check */
|
||||
error = XaceHook(XACE_RESOURCE_ACCESS, client, stuff->pid, PictureType,
|
||||
DixCreateAccess, pPicture);
|
||||
pPicture, RT_NONE, NULL, DixCreateAccess);
|
||||
if (error != Success)
|
||||
return error;
|
||||
if (!AddResource (stuff->pid, PictureType, (pointer)pPicture))
|
||||
|
@ -2006,7 +2006,7 @@ static int ProcRenderCreateConicalGradient (ClientPtr client)
|
|||
return error;
|
||||
/* security creation/labeling check */
|
||||
error = XaceHook(XACE_RESOURCE_ACCESS, client, stuff->pid, PictureType,
|
||||
DixCreateAccess, pPicture);
|
||||
pPicture, RT_NONE, NULL, DixCreateAccess);
|
||||
if (error != Success)
|
||||
return error;
|
||||
if (!AddResource (stuff->pid, PictureType, (pointer)pPicture))
|
||||
|
|
|
@ -351,7 +351,7 @@ ProcXFixesGetCursorImage (ClientPtr client)
|
|||
if (!pCursor)
|
||||
return BadCursor;
|
||||
rc = XaceHook(XACE_RESOURCE_ACCESS, client, pCursor->id, RT_CURSOR,
|
||||
DixReadAccess, pCursor);
|
||||
pCursor, RT_NONE, NULL, DixReadAccess);
|
||||
if (rc != Success)
|
||||
return rc;
|
||||
GetSpritePosition (&x, &y);
|
||||
|
@ -503,7 +503,7 @@ ProcXFixesGetCursorImageAndName (ClientPtr client)
|
|||
if (!pCursor)
|
||||
return BadCursor;
|
||||
rc = XaceHook(XACE_RESOURCE_ACCESS, client, pCursor->id, RT_CURSOR,
|
||||
DixReadAccess|DixGetAttrAccess, pCursor);
|
||||
pCursor, RT_NONE, NULL, DixReadAccess|DixGetAttrAccess);
|
||||
if (rc != Success)
|
||||
return rc;
|
||||
GetSpritePosition (&x, &y);
|
||||
|
|
Loading…
Reference in New Issue