From 3ef2e9e623819c625a92f464fb14f1e5c181df42 Mon Sep 17 00:00:00 2001 From: Eamon Walsh Date: Thu, 16 Aug 2007 12:27:48 -0400 Subject: [PATCH] xace: add hooks + new access codes: core protocol pixmap requests --- dix/dispatch.c | 22 +++++++++++++++------- 1 file changed, 15 insertions(+), 7 deletions(-) diff --git a/dix/dispatch.c b/dix/dispatch.c index f6a85bb6d..ece240c69 100644 --- a/dix/dispatch.c +++ b/dix/dispatch.c @@ -1500,7 +1500,7 @@ ProcCreatePixmap(ClientPtr client) LEGAL_NEW_RESOURCE(stuff->pid, client); rc = dixLookupDrawable(&pDraw, stuff->drawable, client, M_ANY, - DixReadAccess); + DixGetAttrAccess); if (rc != Success) return rc; @@ -1543,9 +1543,17 @@ CreatePmap: { pMap->drawable.serialNumber = NEXT_SERIAL_NUMBER; pMap->drawable.id = stuff->pid; + /* security creation/labeling check */ + rc = XaceHook(XACE_RESOURCE_ACCESS, client, stuff->pid, RT_PIXMAP, + DixCreateAccess, pMap); + if (rc != Success) { + (*pDraw->pScreen->DestroyPixmap)(pMap); + return rc; + } if (AddResource(stuff->pid, RT_PIXMAP, (pointer)pMap)) return(client->noClientException); } + (*pDraw->pScreen->DestroyPixmap)(pMap); return (BadAlloc); } @@ -1553,13 +1561,13 @@ int ProcFreePixmap(ClientPtr client) { PixmapPtr pMap; - + int rc; REQUEST(xResourceReq); - REQUEST_SIZE_MATCH(xResourceReq); - pMap = (PixmapPtr)SecurityLookupIDByType(client, stuff->id, RT_PIXMAP, - DixDestroyAccess); - if (pMap) + + rc = dixLookupResource((pointer *)&pMap, stuff->id, RT_PIXMAP, client, + DixDestroyAccess); + if (rc == Success) { FreeResource(stuff->id, RT_NONE); return(client->noClientException); @@ -1567,7 +1575,7 @@ ProcFreePixmap(ClientPtr client) else { client->errorValue = stuff->id; - return (BadPixmap); + return (rc == BadValue) ? BadPixmap : rc; } }