Move SELinux from extmod to built-in
Instead of letting it languish in extmod just because we want to configure bits of it from xf86, move XSELinux to the builtin part of Xext, and do its configuration from xf86ExtensionInit. Signed-off-by: Daniel Stone <daniel@fooishbar.org> Reviewed-by: Jamey Sharp <jamey@minilop.net> Reviewed-by: Peter Hutterer <peter.hutterer@who-t.net> Signed-off-by: Peter Hutterer <peter.hutterer@who-t.net> Signed-off-by: Keith Packard <keithp@keithp.com>
This commit is contained in:
parent
5d92ee4081
commit
6fb481d125
|
@ -30,6 +30,7 @@ BUILTIN_SRCS = \
|
|||
syncsrv.h \
|
||||
xcmisc.c \
|
||||
xtest.c
|
||||
BUILTIN_LIBS =
|
||||
|
||||
# Sources always included in libXextmodule.la & libXext.la. That's right, zero.
|
||||
MODULE_SRCS =
|
||||
|
@ -84,8 +85,8 @@ endif
|
|||
# requires X-ACE extension
|
||||
XSELINUX_SRCS = xselinux_ext.c xselinux_hooks.c xselinux_label.c xselinux.h xselinuxint.h
|
||||
if XSELINUX
|
||||
MODULE_SRCS += $(XSELINUX_SRCS)
|
||||
MODULE_LIBS += $(SELINUX_LIBS)
|
||||
BUILTIN_SRCS += $(XSELINUX_SRCS)
|
||||
BUILTIN_LIBS += $(SELINUX_LIBS)
|
||||
endif
|
||||
|
||||
# Security extension: multi-level security to protect clients from each other
|
||||
|
@ -109,10 +110,11 @@ endif
|
|||
# Now take all of the above, mix well, bake for 10 minutes and get libXext*.la
|
||||
|
||||
libXext_la_SOURCES = $(BUILTIN_SRCS) $(MODULE_SRCS)
|
||||
libXext_la_LIBADD = $(MODULE_LIBS)
|
||||
libXext_la_LIBADD = $(BUILTIN_LIBS) $(MODULE_LIBS)
|
||||
|
||||
if XORG
|
||||
libXextbuiltin_la_SOURCES = $(BUILTIN_SRCS)
|
||||
libXextbuiltin_la_LIBADD = $(BUILTIN_LIBS)
|
||||
|
||||
libXextmodule_la_SOURCES = $(MODULE_SRCS)
|
||||
libXextmodule_la_LIBADD = $(MODULE_LIBS)
|
||||
|
|
|
@ -37,6 +37,10 @@
|
|||
#include "xf86Opt.h"
|
||||
#include "optionstr.h"
|
||||
|
||||
#ifdef XSELINUX
|
||||
#include "xselinux.h"
|
||||
#endif
|
||||
|
||||
/*
|
||||
* DDX-specific extensions.
|
||||
*/
|
||||
|
@ -67,6 +71,24 @@ load_extension_config(void)
|
|||
if (EnableDisableExtension(key + 4, FALSE))
|
||||
xf86MarkOptionUsed(opt);
|
||||
}
|
||||
|
||||
#ifdef XSELINUX
|
||||
if ((opt = xf86FindOption(modp->load_opt,
|
||||
"SELinux mode disabled"))) {
|
||||
xf86MarkOptionUsed(opt);
|
||||
selinuxEnforcingState = SELINUX_MODE_DISABLED;
|
||||
}
|
||||
if ((opt = xf86FindOption(modp->load_opt,
|
||||
"SELinux mode permissive"))) {
|
||||
xf86MarkOptionUsed(opt);
|
||||
selinuxEnforcingState = SELINUX_MODE_PERMISSIVE;
|
||||
}
|
||||
if ((opt = xf86FindOption(modp->load_opt,
|
||||
"SELinux mode enforcing"))) {
|
||||
xf86MarkOptionUsed(opt);
|
||||
selinuxEnforcingState = SELINUX_MODE_ENFORCING;
|
||||
}
|
||||
#endif
|
||||
}
|
||||
}
|
||||
|
||||
|
|
|
@ -39,14 +39,6 @@ static MODULESETUPPROTO(extmodSetup);
|
|||
* Array describing extensions to be initialized
|
||||
*/
|
||||
static ExtensionModule extensionModules[] = {
|
||||
#ifdef XSELINUX
|
||||
{
|
||||
SELinuxExtensionInit,
|
||||
SELINUX_EXTENSION_NAME,
|
||||
&noSELinuxExtension,
|
||||
NULL,
|
||||
NULL},
|
||||
#endif
|
||||
#ifdef XF86VIDMODE
|
||||
{
|
||||
XFree86VidModeExtensionInit,
|
||||
|
@ -88,32 +80,9 @@ extmodSetup(pointer module, pointer opts, int *errmaj, int *errmin)
|
|||
{
|
||||
int i;
|
||||
|
||||
/* XXX the option stuff here is largely a sample/test case */
|
||||
for (i = 0; i < ARRAY_SIZE(extensionModules); i++)
|
||||
LoadExtension(&extensionModules[i], FALSE);
|
||||
|
||||
for (i = 0; i < ARRAY_SIZE(extensionModules); i++) {
|
||||
#ifdef XSELINUX
|
||||
if (!strcmp(SELINUX_EXTENSION_NAME, extensionModules[i].name)) {
|
||||
pointer o;
|
||||
|
||||
selinuxEnforcingState = SELINUX_MODE_DEFAULT;
|
||||
|
||||
if ((o = xf86FindOption(opts, "SELinux mode disabled"))) {
|
||||
xf86MarkOptionUsed(o);
|
||||
selinuxEnforcingState = SELINUX_MODE_DISABLED;
|
||||
}
|
||||
if ((o = xf86FindOption(opts, "SELinux mode permissive"))) {
|
||||
xf86MarkOptionUsed(o);
|
||||
selinuxEnforcingState = SELINUX_MODE_PERMISSIVE;
|
||||
}
|
||||
if ((o = xf86FindOption(opts, "SELinux mode enforcing"))) {
|
||||
xf86MarkOptionUsed(o);
|
||||
selinuxEnforcingState = SELINUX_MODE_ENFORCING;
|
||||
}
|
||||
}
|
||||
#endif
|
||||
|
||||
LoadExtension(&extensionModules[i], FALSE);
|
||||
}
|
||||
/* Need a non-NULL return */
|
||||
return (pointer) 1;
|
||||
}
|
||||
|
|
|
@ -158,7 +158,7 @@ extern _X_EXPORT void AssignTypeAndName(DeviceIntPtr dev,
|
|||
#include <X11/extensions/XKB.h>
|
||||
extern void XkbExtensionInit(void);
|
||||
|
||||
#if defined(XSELINUX) && !defined(XorgLoader)
|
||||
#if defined(XSELINUX)
|
||||
#include "xselinux.h"
|
||||
extern Bool noSELinuxExtension;
|
||||
extern void SELinuxExtensionInit(void);
|
||||
|
|
|
@ -416,6 +416,9 @@ static ExtensionModule staticExtensions[] = {
|
|||
{XvExtensionInit, XvName, &noXvExtension, NULL},
|
||||
{XvMCExtensionInit, XvMCName, &noXvExtension, NULL},
|
||||
#endif
|
||||
#ifdef XSELINUX
|
||||
{SELinuxExtensionInit, SELINUX_EXTENSION_NAME, &noSELinuxExtension, NULL},
|
||||
#endif
|
||||
};
|
||||
|
||||
/*ARGSUSED*/ void
|
||||
|
|
Loading…
Reference in New Issue
Block a user