xselinux: Add a SetDeviceContext request and stubs for more requests.
This commit is contained in:
parent
5f9095f0d2
commit
3b7af72fe3
190
Xext/xselinux.c
190
Xext/xselinux.c
|
@ -985,10 +985,6 @@ static int
|
||||||
ProcSELinuxQueryVersion(ClientPtr client)
|
ProcSELinuxQueryVersion(ClientPtr client)
|
||||||
{
|
{
|
||||||
SELinuxQueryVersionReply rep;
|
SELinuxQueryVersionReply rep;
|
||||||
/*
|
|
||||||
REQUEST(SELinuxQueryVersionReq);
|
|
||||||
REQUEST_SIZE_MATCH (SELinuxQueryVersionReq);
|
|
||||||
*/
|
|
||||||
|
|
||||||
rep.type = X_Reply;
|
rep.type = X_Reply;
|
||||||
rep.length = 0;
|
rep.length = 0;
|
||||||
|
@ -1009,10 +1005,10 @@ ProcSELinuxQueryVersion(ClientPtr client)
|
||||||
static int
|
static int
|
||||||
ProcSELinuxSetSelectionManager(ClientPtr client)
|
ProcSELinuxSetSelectionManager(ClientPtr client)
|
||||||
{
|
{
|
||||||
REQUEST(SELinuxSetSelectionManagerReq);
|
|
||||||
WindowPtr pWin;
|
WindowPtr pWin;
|
||||||
int rc;
|
int rc;
|
||||||
|
|
||||||
|
REQUEST(SELinuxSetSelectionManagerReq);
|
||||||
REQUEST_SIZE_MATCH(SELinuxSetSelectionManagerReq);
|
REQUEST_SIZE_MATCH(SELinuxSetSelectionManagerReq);
|
||||||
|
|
||||||
if (stuff->window == None) {
|
if (stuff->window == None) {
|
||||||
|
@ -1031,6 +1027,98 @@ ProcSELinuxSetSelectionManager(ClientPtr client)
|
||||||
return Success;
|
return Success;
|
||||||
}
|
}
|
||||||
|
|
||||||
|
static int
|
||||||
|
ProcSELinuxGetSelectionManager(ClientPtr client)
|
||||||
|
{
|
||||||
|
SELinuxGetSelectionManagerReply rep;
|
||||||
|
|
||||||
|
rep.type = X_Reply;
|
||||||
|
rep.length = 0;
|
||||||
|
rep.sequenceNumber = client->sequence;
|
||||||
|
rep.window = selectionWindow;
|
||||||
|
if (client->swapped) {
|
||||||
|
int n;
|
||||||
|
swaps(&rep.sequenceNumber, n);
|
||||||
|
swapl(&rep.length, n);
|
||||||
|
swapl(&rep.window, n);
|
||||||
|
}
|
||||||
|
WriteToClient(client, sizeof(rep), (char *)&rep);
|
||||||
|
return (client->noClientException);
|
||||||
|
}
|
||||||
|
|
||||||
|
static int
|
||||||
|
ProcSELinuxSetDeviceContext(ClientPtr client)
|
||||||
|
{
|
||||||
|
char *ctx;
|
||||||
|
security_id_t sid;
|
||||||
|
DeviceIntPtr dev;
|
||||||
|
SELinuxStateRec *state;
|
||||||
|
int rc;
|
||||||
|
|
||||||
|
REQUEST(SELinuxSetContextReq);
|
||||||
|
REQUEST_FIXED_SIZE(SELinuxSetContextReq, stuff->context_len);
|
||||||
|
|
||||||
|
ctx = (char *)(stuff + 1);
|
||||||
|
if (ctx[stuff->context_len - 1])
|
||||||
|
return BadLength;
|
||||||
|
|
||||||
|
rc = dixLookupDevice(&dev, stuff->id, client, DixManageAccess);
|
||||||
|
if (rc != Success)
|
||||||
|
return rc;
|
||||||
|
|
||||||
|
rc = avc_context_to_sid(ctx, &sid);
|
||||||
|
if (rc != Success)
|
||||||
|
return BadValue;
|
||||||
|
|
||||||
|
state = dixLookupPrivate(&dev->devPrivates, stateKey);
|
||||||
|
sidput(state->sid);
|
||||||
|
state->sid = sid;
|
||||||
|
ErrorF("I really, actually did relabel a device to %s\n", ctx);
|
||||||
|
return Success;
|
||||||
|
}
|
||||||
|
|
||||||
|
static int
|
||||||
|
ProcSELinuxGetDeviceContext(ClientPtr client)
|
||||||
|
{
|
||||||
|
return Success;
|
||||||
|
}
|
||||||
|
|
||||||
|
static int
|
||||||
|
ProcSELinuxSetPropertyCreateContext(ClientPtr client)
|
||||||
|
{
|
||||||
|
return Success;
|
||||||
|
}
|
||||||
|
|
||||||
|
static int
|
||||||
|
ProcSELinuxGetPropertyCreateContext(ClientPtr client)
|
||||||
|
{
|
||||||
|
return Success;
|
||||||
|
}
|
||||||
|
|
||||||
|
static int
|
||||||
|
ProcSELinuxGetPropertyContext(ClientPtr client)
|
||||||
|
{
|
||||||
|
return Success;
|
||||||
|
}
|
||||||
|
|
||||||
|
static int
|
||||||
|
ProcSELinuxSetWindowCreateContext(ClientPtr client)
|
||||||
|
{
|
||||||
|
return Success;
|
||||||
|
}
|
||||||
|
|
||||||
|
static int
|
||||||
|
ProcSELinuxGetWindowCreateContext(ClientPtr client)
|
||||||
|
{
|
||||||
|
return Success;
|
||||||
|
}
|
||||||
|
|
||||||
|
static int
|
||||||
|
ProcSELinuxGetWindowContext(ClientPtr client)
|
||||||
|
{
|
||||||
|
return Success;
|
||||||
|
}
|
||||||
|
|
||||||
static int
|
static int
|
||||||
ProcSELinuxDispatch(ClientPtr client)
|
ProcSELinuxDispatch(ClientPtr client)
|
||||||
{
|
{
|
||||||
|
@ -1040,6 +1128,24 @@ ProcSELinuxDispatch(ClientPtr client)
|
||||||
return ProcSELinuxQueryVersion(client);
|
return ProcSELinuxQueryVersion(client);
|
||||||
case X_SELinuxSetSelectionManager:
|
case X_SELinuxSetSelectionManager:
|
||||||
return ProcSELinuxSetSelectionManager(client);
|
return ProcSELinuxSetSelectionManager(client);
|
||||||
|
case X_SELinuxGetSelectionManager:
|
||||||
|
return ProcSELinuxGetSelectionManager(client);
|
||||||
|
case X_SELinuxSetDeviceContext:
|
||||||
|
return ProcSELinuxSetDeviceContext(client);
|
||||||
|
case X_SELinuxGetDeviceContext:
|
||||||
|
return ProcSELinuxGetDeviceContext(client);
|
||||||
|
case X_SELinuxSetPropertyCreateContext:
|
||||||
|
return ProcSELinuxSetPropertyCreateContext(client);
|
||||||
|
case X_SELinuxGetPropertyCreateContext:
|
||||||
|
return ProcSELinuxGetPropertyCreateContext(client);
|
||||||
|
case X_SELinuxGetPropertyContext:
|
||||||
|
return ProcSELinuxGetPropertyContext(client);
|
||||||
|
case X_SELinuxSetWindowCreateContext:
|
||||||
|
return ProcSELinuxSetWindowCreateContext(client);
|
||||||
|
case X_SELinuxGetWindowCreateContext:
|
||||||
|
return ProcSELinuxGetWindowCreateContext(client);
|
||||||
|
case X_SELinuxGetWindowContext:
|
||||||
|
return ProcSELinuxGetWindowContext(client);
|
||||||
default:
|
default:
|
||||||
return BadRequest;
|
return BadRequest;
|
||||||
}
|
}
|
||||||
|
@ -1068,6 +1174,60 @@ SProcSELinuxSetSelectionManager(ClientPtr client)
|
||||||
return ProcSELinuxSetSelectionManager(client);
|
return ProcSELinuxSetSelectionManager(client);
|
||||||
}
|
}
|
||||||
|
|
||||||
|
static int
|
||||||
|
SProcSELinuxGetSelectionManager(ClientPtr client)
|
||||||
|
{
|
||||||
|
return ProcSELinuxGetSelectionManager(client);
|
||||||
|
}
|
||||||
|
|
||||||
|
static int
|
||||||
|
SProcSELinuxSetDeviceContext(ClientPtr client)
|
||||||
|
{
|
||||||
|
return ProcSELinuxSetDeviceContext(client);
|
||||||
|
}
|
||||||
|
|
||||||
|
static int
|
||||||
|
SProcSELinuxGetDeviceContext(ClientPtr client)
|
||||||
|
{
|
||||||
|
return ProcSELinuxGetDeviceContext(client);
|
||||||
|
}
|
||||||
|
|
||||||
|
static int
|
||||||
|
SProcSELinuxSetPropertyCreateContext(ClientPtr client)
|
||||||
|
{
|
||||||
|
return ProcSELinuxSetPropertyCreateContext(client);
|
||||||
|
}
|
||||||
|
|
||||||
|
static int
|
||||||
|
SProcSELinuxGetPropertyCreateContext(ClientPtr client)
|
||||||
|
{
|
||||||
|
return ProcSELinuxGetPropertyCreateContext(client);
|
||||||
|
}
|
||||||
|
|
||||||
|
static int
|
||||||
|
SProcSELinuxGetPropertyContext(ClientPtr client)
|
||||||
|
{
|
||||||
|
return ProcSELinuxGetPropertyContext(client);
|
||||||
|
}
|
||||||
|
|
||||||
|
static int
|
||||||
|
SProcSELinuxSetWindowCreateContext(ClientPtr client)
|
||||||
|
{
|
||||||
|
return ProcSELinuxSetWindowCreateContext(client);
|
||||||
|
}
|
||||||
|
|
||||||
|
static int
|
||||||
|
SProcSELinuxGetWindowCreateContext(ClientPtr client)
|
||||||
|
{
|
||||||
|
return ProcSELinuxGetWindowCreateContext(client);
|
||||||
|
}
|
||||||
|
|
||||||
|
static int
|
||||||
|
SProcSELinuxGetWindowContext(ClientPtr client)
|
||||||
|
{
|
||||||
|
return ProcSELinuxGetWindowContext(client);
|
||||||
|
}
|
||||||
|
|
||||||
static int
|
static int
|
||||||
SProcSELinuxDispatch(ClientPtr client)
|
SProcSELinuxDispatch(ClientPtr client)
|
||||||
{
|
{
|
||||||
|
@ -1080,7 +1240,25 @@ SProcSELinuxDispatch(ClientPtr client)
|
||||||
case X_SELinuxQueryVersion:
|
case X_SELinuxQueryVersion:
|
||||||
return SProcSELinuxQueryVersion(client);
|
return SProcSELinuxQueryVersion(client);
|
||||||
case X_SELinuxSetSelectionManager:
|
case X_SELinuxSetSelectionManager:
|
||||||
return SProcSELinuxSetSelectionManager(client);
|
return SProcSELinuxSetSelectionManager(client);
|
||||||
|
case X_SELinuxGetSelectionManager:
|
||||||
|
return SProcSELinuxGetSelectionManager(client);
|
||||||
|
case X_SELinuxSetDeviceContext:
|
||||||
|
return SProcSELinuxSetDeviceContext(client);
|
||||||
|
case X_SELinuxGetDeviceContext:
|
||||||
|
return SProcSELinuxGetDeviceContext(client);
|
||||||
|
case X_SELinuxSetPropertyCreateContext:
|
||||||
|
return SProcSELinuxSetPropertyCreateContext(client);
|
||||||
|
case X_SELinuxGetPropertyCreateContext:
|
||||||
|
return SProcSELinuxGetPropertyCreateContext(client);
|
||||||
|
case X_SELinuxGetPropertyContext:
|
||||||
|
return SProcSELinuxGetPropertyContext(client);
|
||||||
|
case X_SELinuxSetWindowCreateContext:
|
||||||
|
return SProcSELinuxSetWindowCreateContext(client);
|
||||||
|
case X_SELinuxGetWindowCreateContext:
|
||||||
|
return SProcSELinuxGetWindowCreateContext(client);
|
||||||
|
case X_SELinuxGetWindowContext:
|
||||||
|
return SProcSELinuxGetWindowContext(client);
|
||||||
default:
|
default:
|
||||||
return BadRequest;
|
return BadRequest;
|
||||||
}
|
}
|
||||||
|
|
121
Xext/xselinux.h
121
Xext/xselinux.h
|
@ -30,10 +30,19 @@ CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE SOFTWARE.
|
||||||
#define XSELinuxNumberErrors 0
|
#define XSELinuxNumberErrors 0
|
||||||
|
|
||||||
/* Extension protocol */
|
/* Extension protocol */
|
||||||
#define X_SELinuxQueryVersion 0
|
#define X_SELinuxQueryVersion 0
|
||||||
#define X_SELinuxSetSelectionManager 1
|
#define X_SELinuxSetSelectionManager 1
|
||||||
|
#define X_SELinuxGetSelectionManager 2
|
||||||
|
#define X_SELinuxSetDeviceContext 3
|
||||||
|
#define X_SELinuxGetDeviceContext 4
|
||||||
|
#define X_SELinuxSetPropertyCreateContext 5
|
||||||
|
#define X_SELinuxGetPropertyCreateContext 6
|
||||||
|
#define X_SELinuxGetPropertyContext 7
|
||||||
|
#define X_SELinuxSetWindowCreateContext 8
|
||||||
|
#define X_SELinuxGetWindowCreateContext 9
|
||||||
|
#define X_SELinuxGetWindowContext 10
|
||||||
|
|
||||||
typedef struct _SELinuxQueryVersion {
|
typedef struct {
|
||||||
CARD8 reqType;
|
CARD8 reqType;
|
||||||
CARD8 SELinuxReqType;
|
CARD8 SELinuxReqType;
|
||||||
CARD16 length;
|
CARD16 length;
|
||||||
|
@ -41,7 +50,6 @@ typedef struct _SELinuxQueryVersion {
|
||||||
CARD8 client_minor;
|
CARD8 client_minor;
|
||||||
CARD16 unused;
|
CARD16 unused;
|
||||||
} SELinuxQueryVersionReq;
|
} SELinuxQueryVersionReq;
|
||||||
#define sz_SELinuxQueryVersionReq 8
|
|
||||||
|
|
||||||
typedef struct {
|
typedef struct {
|
||||||
CARD8 type;
|
CARD8 type;
|
||||||
|
@ -56,15 +64,114 @@ typedef struct {
|
||||||
CARD32 pad5;
|
CARD32 pad5;
|
||||||
CARD32 pad6;
|
CARD32 pad6;
|
||||||
} SELinuxQueryVersionReply;
|
} SELinuxQueryVersionReply;
|
||||||
#define sz_SELinuxQueryVersionReply 32
|
|
||||||
|
|
||||||
typedef struct _SELinuxSetSelectionManager {
|
typedef struct {
|
||||||
CARD8 reqType;
|
CARD8 reqType;
|
||||||
CARD8 SELinuxReqType;
|
CARD8 SELinuxReqType;
|
||||||
CARD16 length;
|
CARD16 length;
|
||||||
CARD32 window;
|
CARD32 window;
|
||||||
} SELinuxSetSelectionManagerReq;
|
} SELinuxSetSelectionManagerReq;
|
||||||
#define sz_SELinuxSetSelectionManagerReq 8
|
|
||||||
|
typedef struct {
|
||||||
|
CARD8 reqType;
|
||||||
|
CARD8 SELinuxReqType;
|
||||||
|
CARD16 length;
|
||||||
|
} SELinuxGetSelectionManagerReq;
|
||||||
|
|
||||||
|
typedef struct {
|
||||||
|
CARD8 type;
|
||||||
|
CARD8 pad1;
|
||||||
|
CARD16 sequenceNumber;
|
||||||
|
CARD32 length;
|
||||||
|
CARD32 window;
|
||||||
|
CARD32 pad2;
|
||||||
|
CARD32 pad3;
|
||||||
|
CARD32 pad4;
|
||||||
|
CARD32 pad5;
|
||||||
|
CARD32 pad6;
|
||||||
|
} SELinuxGetSelectionManagerReply;
|
||||||
|
|
||||||
|
typedef struct {
|
||||||
|
CARD8 reqType;
|
||||||
|
CARD8 SELinuxReqType;
|
||||||
|
CARD16 length;
|
||||||
|
CARD8 permanent;
|
||||||
|
CARD8 unused;
|
||||||
|
CARD16 context_len;
|
||||||
|
} SELinuxSetCreateContextReq;
|
||||||
|
|
||||||
|
typedef struct {
|
||||||
|
CARD8 reqType;
|
||||||
|
CARD8 SELinuxReqType;
|
||||||
|
CARD16 length;
|
||||||
|
} SELinuxGetCreateContextReq;
|
||||||
|
|
||||||
|
typedef struct {
|
||||||
|
CARD8 type;
|
||||||
|
CARD8 permanent;
|
||||||
|
CARD16 sequenceNumber;
|
||||||
|
CARD32 length;
|
||||||
|
CARD16 context_len;
|
||||||
|
CARD16 pad1;
|
||||||
|
CARD32 pad2;
|
||||||
|
CARD32 pad3;
|
||||||
|
CARD32 pad4;
|
||||||
|
CARD32 pad5;
|
||||||
|
CARD32 pad6;
|
||||||
|
} SELinuxGetCreateContextReply;
|
||||||
|
|
||||||
|
typedef struct {
|
||||||
|
CARD8 reqType;
|
||||||
|
CARD8 SELinuxReqType;
|
||||||
|
CARD16 length;
|
||||||
|
CARD32 id;
|
||||||
|
CARD16 unused;
|
||||||
|
CARD16 context_len;
|
||||||
|
} SELinuxSetContextReq;
|
||||||
|
|
||||||
|
typedef struct {
|
||||||
|
CARD8 reqType;
|
||||||
|
CARD8 SELinuxReqType;
|
||||||
|
CARD16 length;
|
||||||
|
CARD32 id;
|
||||||
|
} SELinuxGetContextReq;
|
||||||
|
|
||||||
|
typedef struct {
|
||||||
|
CARD8 type;
|
||||||
|
CARD8 pad1;
|
||||||
|
CARD16 sequenceNumber;
|
||||||
|
CARD32 length;
|
||||||
|
CARD16 context_len;
|
||||||
|
CARD16 pad2;
|
||||||
|
CARD32 pad3;
|
||||||
|
CARD32 pad4;
|
||||||
|
CARD32 pad5;
|
||||||
|
CARD32 pad6;
|
||||||
|
CARD32 pad7;
|
||||||
|
} SELinuxGetContextReply;
|
||||||
|
|
||||||
|
typedef struct {
|
||||||
|
CARD8 reqType;
|
||||||
|
CARD8 SELinuxReqType;
|
||||||
|
CARD16 length;
|
||||||
|
CARD32 window;
|
||||||
|
CARD32 property;
|
||||||
|
} SELinuxGetPropertyContextReq;
|
||||||
|
|
||||||
|
typedef struct {
|
||||||
|
CARD8 type;
|
||||||
|
CARD8 pad1;
|
||||||
|
CARD16 sequenceNumber;
|
||||||
|
CARD32 length;
|
||||||
|
CARD16 context_len;
|
||||||
|
CARD16 pad2;
|
||||||
|
CARD32 pad3;
|
||||||
|
CARD32 pad4;
|
||||||
|
CARD32 pad5;
|
||||||
|
CARD32 pad6;
|
||||||
|
CARD32 pad7;
|
||||||
|
} SELinuxGetPropertyContextReply;
|
||||||
|
|
||||||
|
|
||||||
/* Private Flask definitions */
|
/* Private Flask definitions */
|
||||||
#define SECCLASS_X_DRAWABLE 1
|
#define SECCLASS_X_DRAWABLE 1
|
||||||
|
|
Loading…
Reference in New Issue
Block a user