xselinux: Add a SetDeviceContext request and stubs for more requests.

2007-10-26 20:32:10 -04:00 · 2007-10-26 20:32:10 -04:00 · 3b7af72fe3
commit 3b7af72fe3
parent 5f9095f0d2
2 changed files with 298 additions and 13 deletions
--- a/Xext/xselinux.c
+++ b/Xext/xselinux.c
@ -985,10 +985,6 @@ static int
 ProcSELinuxQueryVersion(ClientPtr client)
 {
    SELinuxQueryVersionReply rep;
-    /*
-      REQUEST(SELinuxQueryVersionReq);
-      REQUEST_SIZE_MATCH (SELinuxQueryVersionReq);
-    */

    rep.type = X_Reply;
    rep.length = 0;
@ -1009,10 +1005,10 @@ ProcSELinuxQueryVersion(ClientPtr client)
 static int
 ProcSELinuxSetSelectionManager(ClientPtr client)
 {
-    REQUEST(SELinuxSetSelectionManagerReq);
    WindowPtr pWin;
    int rc;

+    REQUEST(SELinuxSetSelectionManagerReq);
    REQUEST_SIZE_MATCH(SELinuxSetSelectionManagerReq);

    if (stuff->window == None) {
@ -1031,6 +1027,98 @@ ProcSELinuxSetSelectionManager(ClientPtr client)
    return Success;
 }

+static int
+ProcSELinuxGetSelectionManager(ClientPtr client)
+{
+    SELinuxGetSelectionManagerReply rep;
+
+    rep.type = X_Reply;
+    rep.length = 0;
+    rep.sequenceNumber = client->sequence;
+    rep.window = selectionWindow;
+    if (client->swapped) {
+	int n;
+	swaps(&rep.sequenceNumber, n);
+	swapl(&rep.length, n);
+	swapl(&rep.window, n);
+    }
+    WriteToClient(client, sizeof(rep), (char *)&rep);
+    return (client->noClientException);
+}
+
+static int
+ProcSELinuxSetDeviceContext(ClientPtr client)
+{
+    char *ctx;
+    security_id_t sid;
+    DeviceIntPtr dev;
+    SELinuxStateRec *state;
+    int rc;
+
+    REQUEST(SELinuxSetContextReq);
+    REQUEST_FIXED_SIZE(SELinuxSetContextReq, stuff->context_len);
+
+    ctx = (char *)(stuff + 1);
+    if (ctx[stuff->context_len - 1])
+	return BadLength;
+
+    rc = dixLookupDevice(&dev, stuff->id, client, DixManageAccess);
+    if (rc != Success)
+	return rc;
+
+    rc = avc_context_to_sid(ctx, &sid);
+    if (rc != Success)
+	return BadValue;
+
+    state = dixLookupPrivate(&dev->devPrivates, stateKey);
+    sidput(state->sid);
+    state->sid = sid;
+    ErrorF("I really, actually did relabel a device to %s\n", ctx);
+    return Success;
+}
+
+static int
+ProcSELinuxGetDeviceContext(ClientPtr client)
+{
+    return Success;
+}
+
+static int
+ProcSELinuxSetPropertyCreateContext(ClientPtr client)
+{
+    return Success;
+}
+
+static int
+ProcSELinuxGetPropertyCreateContext(ClientPtr client)
+{
+    return Success;
+}
+
+static int
+ProcSELinuxGetPropertyContext(ClientPtr client)
+{
+    return Success;
+}
+
+static int
+ProcSELinuxSetWindowCreateContext(ClientPtr client)
+{
+    return Success;
+}
+
+static int
+ProcSELinuxGetWindowCreateContext(ClientPtr client)
+{
+    return Success;
+}
+
+static int
+ProcSELinuxGetWindowContext(ClientPtr client)
+{
+    return Success;
+}
+
 static int
 ProcSELinuxDispatch(ClientPtr client)
 {
@ -1040,6 +1128,24 @@ ProcSELinuxDispatch(ClientPtr client)
        return ProcSELinuxQueryVersion(client);
    case X_SELinuxSetSelectionManager:
 	return ProcSELinuxSetSelectionManager(client);
+    case X_SELinuxGetSelectionManager:
+    	return ProcSELinuxGetSelectionManager(client);
+    case X_SELinuxSetDeviceContext:
+    	return ProcSELinuxSetDeviceContext(client);
+    case X_SELinuxGetDeviceContext:
+    	return ProcSELinuxGetDeviceContext(client);
+    case X_SELinuxSetPropertyCreateContext:
+    	return ProcSELinuxSetPropertyCreateContext(client);
+    case X_SELinuxGetPropertyCreateContext:
+    	return ProcSELinuxGetPropertyCreateContext(client);
+    case X_SELinuxGetPropertyContext:
+    	return ProcSELinuxGetPropertyContext(client);
+    case X_SELinuxSetWindowCreateContext:
+    	return ProcSELinuxSetWindowCreateContext(client);
+    case X_SELinuxGetWindowCreateContext:
+    	return ProcSELinuxGetWindowCreateContext(client);
+    case X_SELinuxGetWindowContext:
+    	return ProcSELinuxGetWindowContext(client);
    default:
 	return BadRequest;
    }
@ -1068,6 +1174,60 @@ SProcSELinuxSetSelectionManager(ClientPtr client)
    return ProcSELinuxSetSelectionManager(client);
 }

+static int
+SProcSELinuxGetSelectionManager(ClientPtr client)
+{
+    return ProcSELinuxGetSelectionManager(client);
+}
+
+static int
+SProcSELinuxSetDeviceContext(ClientPtr client)
+{
+    return ProcSELinuxSetDeviceContext(client);
+}
+
+static int
+SProcSELinuxGetDeviceContext(ClientPtr client)
+{
+    return ProcSELinuxGetDeviceContext(client);
+}
+
+static int
+SProcSELinuxSetPropertyCreateContext(ClientPtr client)
+{
+    return ProcSELinuxSetPropertyCreateContext(client);
+}
+
+static int
+SProcSELinuxGetPropertyCreateContext(ClientPtr client)
+{
+    return ProcSELinuxGetPropertyCreateContext(client);
+}
+
+static int
+SProcSELinuxGetPropertyContext(ClientPtr client)
+{
+    return ProcSELinuxGetPropertyContext(client);
+}
+
+static int
+SProcSELinuxSetWindowCreateContext(ClientPtr client)
+{
+    return ProcSELinuxSetWindowCreateContext(client);
+}
+
+static int
+SProcSELinuxGetWindowCreateContext(ClientPtr client)
+{
+    return ProcSELinuxGetWindowCreateContext(client);
+}
+
+static int
+SProcSELinuxGetWindowContext(ClientPtr client)
+{
+    return ProcSELinuxGetWindowContext(client);
+}
+
 static int
 SProcSELinuxDispatch(ClientPtr client)
 {
@ -1080,7 +1240,25 @@ SProcSELinuxDispatch(ClientPtr client)
    case X_SELinuxQueryVersion:
        return SProcSELinuxQueryVersion(client);
    case X_SELinuxSetSelectionManager:
-        return SProcSELinuxSetSelectionManager(client);
+	return SProcSELinuxSetSelectionManager(client);
+    case X_SELinuxGetSelectionManager:
+    	return SProcSELinuxGetSelectionManager(client);
+    case X_SELinuxSetDeviceContext:
+    	return SProcSELinuxSetDeviceContext(client);
+    case X_SELinuxGetDeviceContext:
+    	return SProcSELinuxGetDeviceContext(client);
+    case X_SELinuxSetPropertyCreateContext:
+    	return SProcSELinuxSetPropertyCreateContext(client);
+    case X_SELinuxGetPropertyCreateContext:
+    	return SProcSELinuxGetPropertyCreateContext(client);
+    case X_SELinuxGetPropertyContext:
+    	return SProcSELinuxGetPropertyContext(client);
+    case X_SELinuxSetWindowCreateContext:
+    	return SProcSELinuxSetWindowCreateContext(client);
+    case X_SELinuxGetWindowCreateContext:
+    	return SProcSELinuxGetWindowCreateContext(client);
+    case X_SELinuxGetWindowContext:
+    	return SProcSELinuxGetWindowContext(client);
    default:
 	return BadRequest;
    }
--- a/Xext/xselinux.h
+++ b/Xext/xselinux.h
@ -30,10 +30,19 @@ CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE SOFTWARE.
 #define XSELinuxNumberErrors		0

 /* Extension protocol */
-#define X_SELinuxQueryVersion		0
-#define X_SELinuxSetSelectionManager	1
+#define X_SELinuxQueryVersion			0
+#define X_SELinuxSetSelectionManager		1
+#define X_SELinuxGetSelectionManager		2
+#define X_SELinuxSetDeviceContext		3
+#define X_SELinuxGetDeviceContext		4
+#define X_SELinuxSetPropertyCreateContext	5
+#define X_SELinuxGetPropertyCreateContext	6
+#define X_SELinuxGetPropertyContext		7
+#define X_SELinuxSetWindowCreateContext		8
+#define X_SELinuxGetWindowCreateContext		9
+#define X_SELinuxGetWindowContext		10

-typedef struct _SELinuxQueryVersion {
+typedef struct {
    CARD8   reqType;
    CARD8   SELinuxReqType;
    CARD16  length;
@ -41,7 +50,6 @@ typedef struct _SELinuxQueryVersion {
    CARD8   client_minor;
    CARD16  unused;
 } SELinuxQueryVersionReq;
-#define sz_SELinuxQueryVersionReq 8

 typedef struct {
    CARD8   type;
@ -56,15 +64,114 @@ typedef struct {
    CARD32  pad5;
    CARD32  pad6; 
 } SELinuxQueryVersionReply;
-#define sz_SELinuxQueryVersionReply  32

-typedef struct _SELinuxSetSelectionManager {
+typedef struct {
    CARD8   reqType;
    CARD8   SELinuxReqType;
    CARD16  length;
    CARD32  window;
 } SELinuxSetSelectionManagerReq;
-#define sz_SELinuxSetSelectionManagerReq 8
+
+typedef struct {
+    CARD8   reqType;
+    CARD8   SELinuxReqType;
+    CARD16  length;
+} SELinuxGetSelectionManagerReq;
+
+typedef struct {
+    CARD8   type;
+    CARD8   pad1;
+    CARD16  sequenceNumber;
+    CARD32  length;
+    CARD32  window;
+    CARD32  pad2;
+    CARD32  pad3;
+    CARD32  pad4;
+    CARD32  pad5;
+    CARD32  pad6;
+} SELinuxGetSelectionManagerReply;
+
+typedef struct {
+    CARD8   reqType;
+    CARD8   SELinuxReqType;
+    CARD16  length;
+    CARD8   permanent;
+    CARD8   unused;
+    CARD16  context_len;
+} SELinuxSetCreateContextReq;
+
+typedef struct {
+    CARD8   reqType;
+    CARD8   SELinuxReqType;
+    CARD16  length;
+} SELinuxGetCreateContextReq;
+
+typedef struct {
+    CARD8   type;
+    CARD8   permanent;
+    CARD16  sequenceNumber;
+    CARD32  length;
+    CARD16  context_len;
+    CARD16  pad1;
+    CARD32  pad2;
+    CARD32  pad3;
+    CARD32  pad4;
+    CARD32  pad5;
+    CARD32  pad6;
+} SELinuxGetCreateContextReply;
+
+typedef struct {
+    CARD8   reqType;
+    CARD8   SELinuxReqType;
+    CARD16  length;
+    CARD32  id;
+    CARD16  unused;
+    CARD16  context_len;
+} SELinuxSetContextReq;
+
+typedef struct {
+    CARD8   reqType;
+    CARD8   SELinuxReqType;
+    CARD16  length;
+    CARD32  id;
+} SELinuxGetContextReq;
+
+typedef struct {
+    CARD8   type;
+    CARD8   pad1;
+    CARD16  sequenceNumber;
+    CARD32  length;
+    CARD16  context_len;
+    CARD16  pad2;
+    CARD32  pad3;
+    CARD32  pad4;
+    CARD32  pad5;
+    CARD32  pad6;
+    CARD32  pad7;
+} SELinuxGetContextReply;
+
+typedef struct {
+    CARD8   reqType;
+    CARD8   SELinuxReqType;
+    CARD16  length;
+    CARD32  window;
+    CARD32  property;
+} SELinuxGetPropertyContextReq;
+
+typedef struct {
+    CARD8   type;
+    CARD8   pad1;
+    CARD16  sequenceNumber;
+    CARD32  length;
+    CARD16  context_len;
+    CARD16  pad2;
+    CARD32  pad3;
+    CARD32  pad4;
+    CARD32  pad5;
+    CARD32  pad6;
+    CARD32  pad7;
+} SELinuxGetPropertyContextReply;
+

 /* Private Flask definitions */
 #define SECCLASS_X_DRAWABLE		1